Establishing Digital Trust: Don't Sacrifice Security for Convenience
The overall damage to the Internet on Sept. 11, 2001, when terrorist attacks collapsed the World Trade Center and punctured the Pentagon, destroying networks and communications equipment, was minimal, according to a report released yesterday by the National Academies' National Research Council. But the council warned that IT leaders shouldn't take that digital resiliency as a reason to slack off security efforts -- especially since the attack did not focus specifically on the network.
"Internet service providers and users need to address some operational issues to better prepare for and respond to future emergencies in light of the useful role the Internet played after the attacks," warns the council.
The council's report noted that the telephone system, the more traditional and widely spread method of communications, suffered more damages than online communications, such as email and online news sites. One-third of Americans, according to the council, had trouble making a telephone call on the day of the attacks, while the Internet suffered only a small loss of connectivity. And that is despite the fact that New York, which suffered the greatest force of the terrorist attacks, is home to major network hubs."The terrorist attacks provoked a national emergency during which we could see how the nation and the world uses the Internet in a crisis," says Craig Partridge, chair of the committee that wrote the report and chief scientist at Cambridge, Mass.-based BBN Technologies. "Overall, the Internet displayed not only its resilience on Sept. 11, but also its role as a resource."
The committee found that serious effects on the Internet were isolated to New York City and a few other locations. Most of the damage was quickly fixed through the rapid deployment of new equipment and the rerouting of Internet traffic to bypass failed parts of the network.
Sept. 11, though not focused on attacking the network, shed some light on potential vulnerabilities.
The committee warns IT administrators in key businesses or in the service sector to review their dependency on the Internet and plan accordingly. Contingency plans should be put in place, set up the ability to coordinate with local authorities and prepare a hot site, or a mirrored system in a remote location so the company would have a means of restoring service. Prepare for not only an interruption in Internet service but in electric power, as well, the committee warns.