Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

1/23/2007
07:15 AM
50%
50%

Living Off the Grid

Planning for disaster recovery before you're stuck with a crippled cable service

The Internet was, as we all know, designed by researchers working under contract for the Department of Defense. The problem that DOD was interested in was survivability -- making a network that was robust enough to withstand the loss of a few major nodes, seeing graceful degradation of the rest of the network.

In other words, in the event of war, the Soviet Union could nuke San Francisco and we'd lose access to Berkeley and Stanford, but the rest of the network would still be fully connected. Of course, this is trivial if you have a fully connected network, but the goal was to have a sparse set of connections and a robust set of routing algorithms that could dynamically adjust for the loss of even major nodes.

So why revisit this bit of history now? Well, recent events have tested that very design, and in a way that allowed me to personally experience the pain of lost connectivity.

The event I'm referring to was the magnitude 6.7 earthquake that shook Taiwan the day after Christmas. Its epicenter was just off the Taiwanese coast and its force was such that most of the major trans-Pacific fiber optic cables were severed.

I happen to live in one of the least connected nations on the planet, Cambodia. Being an American geek, my VOIP phone and Gmail account are critical to my daily existence. At the moment most of my IP communications are operating at a snail's pace (even more than usual), if they work at all. The ability to reroute traffic through European links, and thus over the Atlantic cable systems, took a few days to get in place. Even now those links are minimally helpful, at least here.

Lessons learned? Well, I guess the good news is that I sometimes have access to my Gmail. As I understand things, the cables require special ships to repair them, and at least one of those ships was out of commission at the time of the quake, further delaying repair. So the cables are still out of service, but I have service, even if it is degraded. Score a point for fancy routing algorithms.

The bad news is the service is still degraded, a month later, and it isn't likely to get better any time soon. If this had been an attack or disaster at one of the major U.S. hubs (e.g. one of the MAEs), the whole fabric of the Internet would likely be crippled. Let's hope their recovery plans include having equipment available to implement the plan.

If I were still in charge of a corporate disaster recovery plan, I'd take this as a not-so-subtle reminder to review it regularly, and I'd make sure everyone understand the resources needed to implement the plan. It isn't the sexy part of security, but it is the sort of thing that can save your organization millions of dollars in the event of a major problem. That's probably worth few hours of your time every couple of months, don't you think?

Nathan Spande has implemented security in medical systems during the dotcom boom and bust, and suffered through federal government security implementations. Special to Dark Reading

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Intel Issues Fix for 'Plundervolt' SGX Flaw
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5252
PUBLISHED: 2019-12-14
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
CVE-2019-5235
PUBLISHED: 2019-12-14
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
CVE-2019-5264
PUBLISHED: 2019-12-13
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition...
CVE-2019-5277
PUBLISHED: 2019-12-13
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation.
CVE-2019-5254
PUBLISHED: 2019-12-13
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board m...