November 25, 2003 11:48 AM PST

Blackouts highlight network vulnerabilities

Related Stories

A 20-year plague

November 25, 2003

MSBlast echoes across the Net

August 15, 2003

Bush unveils final cybersecurity plan

February 14, 2003

E-terrorism: Digital myth or true threat?

August 26, 2002
The summer's blackouts weren't caused by a worm or virus, but the failures highlight infrastructure weak spots, a report concluded this week.

The Internet was far more seriously affected than previously thought by the blackouts that swept Europe and North America this summer, and without more investment in backup power, it is in no shape to supersede the telephone network for primary communications, according to the report, by data analysis company Renesys.

"While the very largest provider networks--the Internet backbones--were apparently unaffected by the blackout (in North America), many thousands of significant networks and millions of individual Internet users were offline for hours or days," the report stated. "Banks, investment funds, business services, manufacturers, hospitals, educational institutions, Internet service providers, and federal and state government units were among the affected organizations."


Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.


On Aug. 14, the North American blackout hit more than 9,700 customer networks, belonging to more than 3,500 organizations, in the affected area, the report said. A third of these networks suffered from "abnormal connectivity outages" during the blackout. Of those, more than 2,000 networks suffered severe connectivity outages for more than four hours, and more than 1,400 networks for more than 12 hours--some even more than 48 hours.

The networks suffering from abnormal connectivity outages belonged to more than 1,700 organizations, and more than 1,000 groups had outages of all of their networks that lasted more than four hours. Nearly half of those organizations involved in global Internet routing lost connectivity to some or all of their networks in the blackout area.

The failures were not caused by malicious attackers nor any major Internet threat spreading at the time, according to a report a U.S. and Canadian government-appointed task force released last week.

"Analysis to date provides no evidence that malicious actors are responsible for or contributed to the outage," the Security Working Group report said. "There is also no evidence, nor is there any information suggesting, that viruses and worms prevalent across the Internet at the time of the outage had any significant impact on power generation and delivery systems."

That report--titled "Interim Report: Causes of the August 14th Blackout in the United States and Canada"--doesn't dismiss the threat of a cyberattack affecting critical infrastructure. It cites a previous incident at an offline nuclear power plant as an example of the potential effects of a cyberattack. The Davis-Besse plant, run by FirstEnergy Nuclear, had control systems infected by the Microsoft SQL Slammer worm, which proceeded to cause havoc on the plant's internal network. The power plant's safety system and process computer were inaccessible for several hours. The nuclear facility had been offline so that workers could fix a problem with the reactor.

The task force continues to work with law enforcement in both countries to examine the possibility that malicious attackers had a hand in the Aug. 14 power outage.

However, the report from Renesys stressed that specific effects of the blackout on Internet availability were geographically well-localized, and no evidence was found of cascading failures affecting global Internet stability.

This is backed up by the London Internet Exchange (LINX), the largest Internet exchange point in Europe. More than half of all Internet traffic in Europe passes through it. A LINX spokeswoman said that in mid-August, there was a slight dip in traffic flowing through the LINX routers but that this dip was too small to be significant.

"We route a lot of traffic from ISPs in the U.S., so if the traffic had affected them, we would see it," she said. "We saw no problems for August--the network traffic continued to flow."

Besides, she said, none of the serious operators have their equipment running without backup generators. "The backup generators at Telehouse on Broadway in New York can provide enough power to run a small city."

 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.