By Kevin Coleman -- Defense Tech Cyber Warfare Correspondent
Ignore for a moment all the technical issues and consider that recently, there has been a huge amount of discussion (information and disinformation) about what has been called the “Internet Kill Switch” and the debate is heating up again. The recent events in Egypt that we all witnessed have certainly intensified and polarized this debate. Several times I have been asked my opinion and there was one strong suggestion that I address the matter here on the blog. We need to cut through all the clutter surrounding this issue. The proposed legislation of Sens. Susan Collins (R – ME.) and Joe Lieberman (I-CT) actually restricts these so called “kill switch” powers and subjects the action to congressional review. The fundamental question is; does the President need to have emergency powers over the Internet during times of crisis and, if so, what are those powers?
Given our nation’s growing reliance on the Internet and its importance on our daily lives for everything from financial transactions to coordinating social activities, we do need the ability to protect this significant piece of our infrastructure from attacks/disruption resulting from hostile actions. Do we need a “Kill Switch”? - NO! The President already has the authority to invoke what is being referred to as a “Kill Switch” and I am having a hard time modeling an attack that would require such action. Who looked at this technically? What is the impact on SCADA systems, if they experience a successful cyber attack, are the programmed to fail safely?
Yes, we do need the ability to isolate the Internet infrastructure within the United States in times of significant attack or threat. However, the isolation I am thinking about would allow all Internet components/assets/ communications that operate/occur/reside within the U.S. to continue unaffected. The isolation would cut off all international traffic (malicious and benign) coming in through the major connections (aka Big Pipes). Just think if there were a few unfriendly countries that got together and launched a massive DDoS attack, large enough to disrupt/overload Internet services within the United States. The ability to isolate the U.S. Internet backbone would be a great defensive capability. That could happen instantaneously compared to the hours or days to hack or launch defensive cyber strikes against DDoS originating sites abroad. Will this block all malicious DDoS traffic? – NO, but it will greatly reduce our internal disruption to the services that we have all come to rely on!
We still need a lot of answers before any of this becomes a reality! I stated my position over a decade ago when I was Chief Strategist of Internet pioneer Netscape and it has not changed since then. I am in favor of whatever measures we take or put in place to protect the open Internet and make it more resilient and more available. Once thing is certain; whatever we go with, we need the funds to plan it, test it, and maintain it!
