Arriving Somewhere

In May Estonia experienced what might be considered the first case of state-sponsored cyber warfare. It began with the Estonian government’s decision to remove a World War II-era monument to a Soviet soldier from a park, sparking riots by ethnic Russians within Estonia as well as an official protest by the Russian government. Two days of rioting followed, but the real excitement was the three week siege of Estonia’s information infrastructure.

The attacks used a method called “distributed denial of service” in which web sites and servers are flooded with data that obstructs legitimate access and can even overwhelm servers, effectively shutting them down. They targeted the web sites of the national government, banks, and news agencies. Estonia maintains that the attacks were orchestrated by Russia, however it is likely that the perpetrators will never be revealed. One method used in the attack was the use of “botnets”. Botnets are an example of distributed computing in which computers have been unknowingly infected with a virus that enables the botnet’s controller to remotely access that computer. In the case of a distributed denial of service attack the botnet is used to simultaneously send data or requests for data en masse at a common target, thus overwhelming it as well as routers and servers along the way.

While these methods of cyber attacks are not new what is interesting about this situation is coordinated attack on a nation’s government, economy and press. As we become more and more reliant on the internet for conducting government, our daily business and for information this reveals what might be an Achilles’ heel for modern society. The potential for terrorists, activists, even nations to target our information infrastructure becomes greater the more integrated it becomes in our lives.

What would happen if entire networks were shut down in this country for a single week? Certainly the impact on the economy would be dramatic if trading on Wall Street were interrupted. If banks couldn’t process electronic transactions then ATM’s wouldn’t dispense cash, credit cards wouldn’t make purchases and salaries wouldn’t be deposited. Communications would be disrupted as email servers might be clogged, perhaps even cellular phones would not be able complete calls. Certainly the information gathering techniques that we have become accustomed to would be prevented as news reporting websites and perhaps other information sites would be shut down or inaccessible. I wonder how important the information is that is exposed on government websites and whether important decisions could be made without access to those sites.

I would estimate that once every few months we loose internet access for the day at work. As I work in a library this means that we are not able to access the catalog or any of the electronic databases to which we subscribe. Not only does this put a serious crimp in our productivity but it makes difficult to serve our patrons since we rely so heavily on electronic access to information. These outages only last for a day at the most, and they probably are not malicious. I hope that the federal government is doing some hard work to prepare a defense for our information infrastructure. Librarians also need to consider their reliance on electronic information systems when planning future collections.