Wouldn't The Last Thing We Want During A 'Cybersecurity Emergency' Be For The Gov't To Take Over Private Networks?

from the given-their-technical-knowledge... dept

A bunch of folks are sending in this News.com story about a draft of the latest cybersecurity bill, that still includes bizarre and totally unnecessary language that would allow the President to declare a cybersecurity emergency and then be able to take control over private computer networks. First, the idea of the whole “cybersecurity emergency” that would require such a thing still remains a science fiction idea. Yes, there can be cybersecurity attacks and they can cause all sorts of problems, but these are problems that generally are not life-threatening or that can’t be handled reasonably.

But the bigger issue is why the government should be taking control over private networks. This is the same gov’t that doesn’t let people in the State Department use Firefox and which thinks that RealPlayer is the state of the art in online video streaming. Even if there were a “cybersecurity emergency,” I would think the last people I’d want to take charge would be the federal government.

Filed Under: ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Wouldn't The Last Thing We Want During A 'Cybersecurity Emergency' Be For The Gov't To Take Over Private Networks?”

Subscribe: RSS Leave a comment
Rich Kulawiec says:

They're utterly incompetent

The DHS — THE FRACKIN’ DHS — has been awarded an “F” grade in security for the third year in a row. And that’s generous: the only reason they earned an F is that no lower grade is available.

And these are the people who think they have some tiny, insignificant clue about “cybersecurity”?

Yeah. Riiiiiiight.

rich (profile) says:

The government does some things well and some things abysmally badly. Then again so do large private organizations. In general I think government gets dumped on more than it deserves. However, for network security there’s an advantage in decentralized control. Sure some nets will be badly secured, but others will be impenetrable. I’d worry that centralized control by anyone, public or private, would give us lowest common denominator security. Let the government focus on properly securing their own networks. If they do a good job, make the results available via open source for others to use freely.

Anonymous Coward says:

A commenter who goes by the name “tech10171968” on another site said the following. I shamelessly re-posted it here without permission.

This shit has absolutely nothing to do with “cybersecurity”. Allow me to explain:

Back in the days before cable networks and satellite TV you only had a few outlets for news: the “Big Three” networks (ABC, CBS, NBC) and a few major-league newspapers (Washington Post, New York Times, etc). A President could damned near accidentally set off a global thermonuclear war and his Chief of Staff could cover it up so easily because the news was only getting out to the unwashed masses through a few chokepoints (those “Big Three” networks I mentioned earlier).

Those days came to a screeching halt when the first dail-up modem hit the retail shelves. Nowadays news of any shenanigans coming from our politicians and others is getting out via news sites, blogs, Twitter, etc; and, thanks to all these new sources, not only is that same news is getting out **faster** but it’s also damned near impossible to head it off at the pass. There’s way too many sources getting around those traditional media chokepoints. As a result, these days the President can’t even pick his nose without it winding up on the Drudge Report 10 minutes later (if not sooner).

If I were a politician or corporate interest planning on some nefarious deeds or trying to sneak some controversial bill behind everyone’s backs, I would want the Internet shut down cold. The internet is making it a lot harder to pull off shit stunts or make backroom deals without half the planet finding out about it within hours. THIS is why certain parties would love the power to pull your computers off the net.


Fred McTaker (profile) says:

Re: Re:

I saw the same comment on Digg, where apparently the GOP/Libertarian knee-jerk crowd has been having a hissy fit over this. I’m surprised to see the Techdirt crowd is susceptible to the same “death panel” GOP spin BS.

“””This particular legislative language is based on longstanding statutory authorities for wartime use of communications networks. To be very clear, the Rockefeller-Snowe bill will not empower a “government shutdown or takeover of the Internet” and any suggestion otherwise is misleading and false.”””

An attack is an attack, whether the source is foreign or domestic. Saying the Executive Branch of government doesn’t have the authority to take out a network server being used in a cyber-attack, just because it’s on a domestic or corporate network, is akin to saying they don’t have the right to take out any domestic terrorists caught in the act, just because they’re attacking from their own turf. In the case of cyber-attacks, the attack source may not be intentional — the cause may be a previous infection with a bot, trojan, or worm, but the effect is the same. If any network source is attacking core U.S. network infrastructure, the ability to cut that connection is necessary. Just ask Estonia.

In any case, this isn’t even a finished Bill. Read the actual Bill before jumping to conclusions, as I’m sure Obama will before he signs anything.

John Laprise (profile) says:

Ummm...The President already can shut down the Internet...

Following 9/11, the only surprise here is that Congress is putting it in writing. The President already has broad authority to manage US transportation and communications networks in time of national emergency. There is strong and long standing precedent for this (WWI and seizure of radio stations). President Bush ordered a full ground stop of air traffic on 9/11. In the face of a massive cyberattack upon US websites from forign locales, I would expect the government to do the same. It wouldn’t be instantaneous but it would be pretty quick. There’s only so many fiber optic cable landings in North America. Moreover, the White House, via the Department of Commerce and the National Telecommunications and Information Administration (NTIA), has oversight authority over ICANN. How many TLDNS’s are there in the US? How crippled would the Internet be if they were all taken offline more or less simultaneously?

Don’t get me wrong, I think that the President should have this power. But it is a power only to be used in extremis like on 9/11. Really, who among you even conceived of a total air traffic ground stop? How many of you objected to it? How many people questioned it in the aftermath? I’ll wager very few. I would suggest to you that in a cyber 9/11 scenario, where unknown hackers systematicly disable SCADA systems wreaking havoc on utilities infrastructure and release a virus that randomly reassigns blood types in medical records, the President of that future day will cripple the Internet and you will be glad that he did.

With the first ship came the shipwreck…

Tek'a R (profile) says:

Re: Ummm...The President already can shut down the Internet...

but even the most devious hacker has no way to hijack an Internet and crash it into a building.

Air Traffic Groundstop =/= Internet Communications Stop

Utility infrastructure online?
Medical records without a thousand offline and onlined backups?

I would support bills to force utilities to keep their systems tight, and systems in place to force Them off the net when compromised, and accountability/backup requirement for medical records storage.

Any mythical superhackers with their supervirus would have compromised systems and planted timed packages long before their “Cyber 9/11 Scenario” went into effect, and a POTUS-initiated “Internet Shutdown” could only have the effect of slowing/stopping detection and reaction to threats.

Think of it like closing all roads to all traffic, even police and fire teams, AFTER the criminals have left. Or locking the gate after the horses have all been stolen. Its reactionary in the worst ways.

This is of course assuming that, even after chopping fiber hardlines with an axe or something, you could really kill all network connections between the US and anywhere else.

jlaprise (profile) says:

Re: Re: Ummm...The President already can shut down the Internet...

“Air Traffic Groundstop =/= Internet Communications Stop”

On the contrary, federal statute as it stands presently sees them in exactly the same way. The point I am making is not about whether a shutdown would be good policy or bad policy. Rather, The President already is legally empowered to do this and bill in Congress is oblivious to the truth on the ground.

I nor anyone that I know has modeled what would happen if you shut down the main MAE links and say 6-8 TLDNS’s at the same time. Furthermore, no chopping would be required. The airlines cooperated with a ground stop. Are you seriously suggesting that (the heavily regulated) Tier 1 providers would not honor a request from the federal government? My guess is that it would probably not shutdown the Internet but would cripple it for a time. Your comment of being too little too late and even counter productive may be entirely correct. I just don’t know.

As for effects of soft power, simply consider how much worse a natural disaster with the added difficulties of even minor hacking. A cyber 9/11 would likely not be simply a massive set of hacks, rather the perpetrators would combine them with some actual physical attacks. As for data backups, how long does it take a large organization to realize that its data has been tampered with? Sure if every record is worng but what if only a random 4-5% of records are altered. How quickly would an organization choose to do a full restore from a backup? moreover, how much doubt would that sow in other organizations?

As for the true skeptics, please note that no one seriously considered and even scoffed at the idea of people crashing a plane into a building for mass casualties. That being said, it was a theme in popular fiction. Anyone read any Tom Clancy? Previous non-existence is no guarantee of future non-existence.

Finally, I am aware of why the US was attacked on 9/11. I also realize that they haven’t given up and that we’re the the main enemy and the way to hurt us and change our policy is by altering the fundamental economics of the struggle. Publicly and horrificly destroying two buildings in our largest city has, to their minds, not changed our behaviour sufficiently. It has resulted in setbacks for them and a general tightening of physical security making their operations and communications harder and more dangerous. All that means is that they are looking for another way to influence US policy. A large scale cyberattack is simply one possibility and one which the current administration is taking far more seriously than previous administrations. The efforts they are putting into cybersecurity relative to previous administrations is, I believe, telling.

Lawrence D'Oliveiro says:

Re: Re: Re: Ummm...The President already can shut down the Internet...

jlaprise wrote:

Are you seriously suggesting that (the heavily regulated) Tier 1 providers would not honor a request from the federal government? My guess is that it would probably not shutdown the Internet but would cripple it for a time.

Time to remind everyone of John Gilmore’s quote: “The Internet interprets censorship as damage and routes around it”. In this case, “censorship” means “anyone who tries to shut it down”.

Anonymous Coward says:

Re: Ummm...The President already can shut down the Internet...

What the f**k are you talking about? You’ve been watching too many episodes of 24. The media has fueled this idea of these super-terrorist hiding behind every corner waiting to strike at your “freedoms”. Do you know why the US was attacked on 9/11? I didn’t think so.

P0rkCh0pS@ndwich says:

Cyber Security?

There’s already been maneuvering to allow authorization for retaliatory and preemptive cyber attacks by the millitary. This is probably one piece of something larger to allow the military/intelligence agencies to put together a massive botnet to be part of that effort under the heading of “Cyber Security.”

negdcom says:

Cia/nsa/dod allready has this ability

People are really getting hysterical over this. Let me put it to you this way, right now if theres a cyberattack the organization that has control of protecting our networks is the nsa/dod/cia. this bill would take it out of their hands and put it into the white house. THIS IS GONNA HAPPEN WETHER YOU LIKE IT OR NOT, would you rather the nsa do this under the radar or the white house do this and it have to be somewhat accountable?

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...