I’m not sure if I should laugh, cry, or just facepalm in regards to recent use of the Hoover Dam as part of the US internet “kill switch” debate.
“The bill, one aide said, would give the president the power to force “the system that controls the floodgates to the Hoover Dam” to cut its connection to the net if the government detected an imminent cyberattack.”
I’ll not pick on everything that is wrong here, but I will say that if we’re going to be so concerned about systems that are supposedly connected to the Internet, so much so that we will have provisions to close those connections if necessary (which presumedly won’t itself break anything)….then why the hell is the connection there in the first place? My guess is people are assuming such lax security without actually verifying that there really are layers involved. The risks of insider employees (or mistakes) is still greater…
If there’s one single thing we can learn about security today compared to 30 years ago, it is a matter of increased scale and speed (efficiency). Sure, it’s nice to keep the museum doors open for visitors and staff and then lock them in a crisis, but digital networks operate far faster than any one person can react and with such efficiency that damage is done before some “switch” can even be triggered.