Critical Infrastructure and dependencies
"Critical infrastructure is a term used by governments to describe assets that are essential for the functioning of a society and economy" [http://en.wikipedia.org/wiki/Critical_infrastructure]
In Australia both Thursday and Friday morning there was a widespread outage (more here and here) of about an hour with Telstra, which is one of the big telecommunications providers in Australia. On Thursday it seemed that there was no international connection with Telstra at all and on Friday it seemed that root DNS servers were not available from the Telstra network. Sites whose addresses were cached were accessible, those that required resolution were not (at least on the networks I was connected to).
Many of you will probably read this and think, so what, it just one ISP. But the situation is a little bit different here (and I don't mean upside down). In Australia up until 1997 there was only one telecommunications provider, Telstra (under different names). The company built all the infrastructure and to this day still owns and maintains a very large portion of the networks. Pretty much every ISP and other Telecommunications company has varying degrees of dependency on Telstra.
The end result is that the outage last Thursday and Friday morning was not limited to one ISP, but affected many ISPs who depend on the Telstra infrastructure or who resell Telstra services. So when looking at critical infrastructure, whether just your organisation's or country, it may not always be obvious how services are provided and there may be dependencies that can affect you of which you were not aware. When looking at critical infrastructure you have to start thinking outside the box and look at all the elements that make up a specific service and not limit yourself to only your organisation, but also examine the external influences on the infrastructure your company or country depends on.
Mark H - Shearwater
SANS Critical Infrastructure Protection Course with Marc Sachs September 10-11 Canberra.
SANS Network Security 2009 @Night Classes
If you are coming to San Diego in a few days for SANS Network Security 2009, be sure to check out the SANS @Night classes. We've got several, including one that I am doing on Thursday night for parents of "Internet Kids." That talk is open to the general public, not just students registered for the main conference. You'll need to sign up for these classes in advance. Details are on the conference web site.
Several of the handlers will be at NS2009 so be sure to look us up and say hello. Hope to see you there!
Marcus H. Sachs
Director, SANS Internet Storm Center
Comments