Wednesday, September 4, 2019

How Cities Can Avoid Ransom: Pull the Plug

About ten years ago a shipment of flowers from Latin America to the Miami Airport was found to have a dangerous insect not native to the US; it could have had (and maybe has) disastrous impact on the US flower industry were it to survive further north.

It must be an impossible job to try to keep bugs and viruses that don't belong here out of the US; imagine how many carriers of viruses just boarded a plan somewhere else.

Hold that thought.

This Internet Thing Is Gonna Be Big
I remember trying to convince a customer back in the 90's (before ChiliSoft) that this Internet thing was gonna be big, and the dozen ways it would make them faster, stronger, better than their competition--or whatever the pitch was back then. More efficient, less money. Tastes great, less filling.

It took some time, but eventually most businesses adopted the Internet in some way--for browsing, email, external services like booking travel, and ultimately apps.

Businesses and governments were sold on efficiencies of "the cloud" (a still-ridiculous invention of a metaphor that somehow stuck), and software as a service. Pay monthly, pay yearly, no software installations, out with the old, in with the new.

Even in Lancaster, PA, we're so enthralled with the idea of the Internet we gave a no-bid contract to a tiny networking company to provide high-speed Internet--a great idea, poorly executed.

Ransom
And then the holdups began. Dozens of cities now have been attacked and their computer systems held hostage for ransom, payable in Bitcoin, of course, the currency of choice among thieves who prefer to remain anonymous. Ransom works very, very well for them.

I'll skip to the point: you can't win this game. If you run a city, a utility, a state--any government or authority or even any business--you can't win this game. You can't.

And your insurance companies are not going to back you anymore. You're building a house on a flood plain, and ya know, it's simply gonna flood. And nobody's going to have your back.

Pull the plug.

It's really the only thing you can do. Ok, yes, some vendor is going to sell you (scare you, for good reason) on their protection services, or some amazing piece of hardware designed to detect and prevent intrusions.  The hackers, though, figure out new ways to get around the new ways designed to keep them out; the escalation continues and new holes appear as current ones are patched.

And of course it's not just tech: it's likely your employees are getting duped by something in email or on a site. They click on a link that wasn't flagged by the security software, or open the attachment (no--no no no no!), or something.

You just can't control human behavior enough, and you can't keep up with the large number of old and new vulnerabilities.

So pull the plug.

Literally.

Turn Off the Internet
That sounds radical, but here are some ideas that don't quite include caveware, and while I'm not a security expert,  I am somewhat technical and developing something with security as a factor:
  • Go back to sneakernet. Disconnect everything from the web, move files around on SD cards or USB drives (there's a vulnerability right there--USB drives and SD cards).
  • Go back to a closed network. Run all applications internally. Demand your "cloud" provider to install an internal cloud, and don't allow it to connect to the internet randomly--require it at specific times through specific ports, using an encrypted connection (for updates, etc). Then pull the plug again.
  • Run two networks: internal and Internet. Don't connect the two. Ever. Don't move data from the outside in, and rarely from the inside out.
  • Remove all USB and SD slots (or any other storage connection) from all computers. Just super-glue them shut. That kills the sneakernet idea but hey.
  • Kill the wifi--yes the internal wifi. You don't need it. Stick with hard-wired networking. Ok maybe you need it, but you can limit it to just tablets (but not smartphones; smartphones are typically internet connected).
  • Revoke the computing privileges of anyone who violates the security rules, or simply show them the door. I know it's not that easy, but damn, people, don't click on the attachment.
  • ...and other draconian measures.
Start with Nothing
You'd be surprised how much you learn about what you do, why you do it, and other ways it can be done when you start with the draconian, start from scratch, assume caveware (i.e. nothing).

What can you do without? What can you do differently? What happens when instead of emailing someone, you sit down and talk with them. Or print a couple of copies, hand them out, and talk about it? What positive effects flow from that interaction? What can you gain from doing less?

Everything's out to get us. Feels that way sometimes, doesn't it. So close the airports, stop all trade of agricultural products, shut down everything. Don't venture outside, and if you have to, wear a mask.

But that's no way to live, of course.

So what's the proportional and functional response such that we can continue to live and operate in what appears to be an increasingly dangerous world?

I'm not sure. But do voting machines really need any electronics at all? And if so, do they need to be networked? No, and no. And software to run cities and utilities do not really need to run on the Internet; there's no intrinsic need for cloud computing, or at least internet-connected "cloud" computing.

This Effects My Project
I love tech, I love what's next, and I'm working on something super fun and cool and very next but it has one big problem: it's an internet-connected device, and I really don't know the answer to the security issue. Even assuming we had the ability to make it the most secure thing ever, it will be open to attack, which means it will likely be attacked, which means someone might be able to control it remotely, which would be very, very dangerous.

So I'm thinking a lot about how to pull the plug, or whether it really needs to be internet connected at all, or just sometimes. Right now I'm leaning toward pulling the plug, but enabling the transfer of data in some way, just not directly from the internet.

I'm glad I'm not a city. But if you are a city and want to learn about pulling the plug but still running your systems, fell free to contact me for help.



No comments:

Post a Comment