According to a Yahoo! News article, an FBI official has suggested that "one way to protect critical utility and financial systems would be to set up a separate, highly secure Internet." FBI executive assistant director Shawn Henry refines this notion by explaining that security threats against critical infrastructure cannot be solved by throwing more technology at the problem and adds that eliminating anonymity is also an important consideration. Gen. Keith Alexander, director of the National Security Agency weighs in, calling for Pentagon and Intelligence agencies to improve security. Alexander adds that "when a computer network is infected, someone should be able to disconnect it".
|
A colleague on a security mailing list stimulated a lively discussion by asking whether it's possible to build such a network, tempting the list members with that all-powerful aphrodisiac - unlimited funding - and the equally compelling incentive, "and your life depends on solving the problem." My answer (somewhat refined from my post) is Not with current, commercially available technology, software and user behavior. |
The Myth of Unlimited ResourcesEven with limitless funding, and even if you were to start from scratch, adopting all the trusted computing and networking paradigms we have considered in various forums over the years, I am still skeptical that you would accomplish what you seek. While commercial vendors and government approved contractors may cringe at the thought of turning down the challenge of exhausting limitless funding, Henry is correct when he says "We can't tech our way out of the cyberthreat". But suggesting that rooting out anonymity and insisting on having the ability to decouple burning cars from the train are essentially "tech" responses. Limiteless funding is a siren's call. By combining this with a missive as visceral as "your life depends on finding a solution", you may rally the troops but you are very likely to fail because you have omitted a fundamental consideration |
Photo by spikenzie |
We can't secure the human OS
We have very little knowledge for how to secure the human OS. Until you can secure the human OS, you cannot expect to dramatically reduce the threat landscape.
The solution to scuring the human OS doesn't involve carving out separate secure networks - and there would eventually be many, not just one. For example, you could significantly reduce the likelihood of falling victim to a compromise of your online banking if you were to use a live (bootable) CD, enable a network adapter, launch a browser, and only connect to your bank. For some banks, you'd even be challenged to establish your machine ID each session. Some folks would be happy to do this (I do...) but the solution does not scale to large populations of impatient users.
Be certain you can secure the human OS and that you take that security model to scale or you are simply reinventing the wheel.