It’s likely that the Internet will soon experience a catastrophic failure, a multiday outage that will cost the U.S. economy billions of dollars, Or maybe it isn’t likely. In any case, companies are not prepared for such a possibility, but then again, some are.
These mixed messages come from credible sources. The confusion stems in part from the fact that the Internet has never seen anything much worse than local outages and brief slowdowns. But could it? And if it did, how ready would your company be?
Indeed, the threat is "urgent and real," says The Business Roundtable, an association of CEOs of large U.S. companies. The Washington-based public policy advocacy group says there is a 10% to 20% chance of a "breakdown of the critical information infrastructure" in the next 10 years, brought on by "malicious code, coding error, natural disasters, or attacks by terrorists and other adversaries."
An Internet meltdown would result in reduced productivity and profits, falling stock prices, erosion of consumer spending and potentially a liquidity crisis, according to a recent Business Roundtable report, "Growing Business Dependence on the Internet – New Risks Require CEO Action." The organisation based its conclusions on earlier risk analyses done by the World Economic Forum in Geneva.
Tom Lehner, director of public policy at The Business Roundtable, says business executives often fail to realise how dependent they have become on the public network – for e-mail, collaboration, e-commerce, public- facing and internal Web sites, and information retrieval by employees.
He also notes that disaster recovery and business-continuity plans often fail to take into account the threat an Internet disruption poses to a company and its suppliers. Moreover, business executives often mistakenly believe that government will take the lead in restoring network services in the face of an Internet failure, according to Lehner.
"What we wanted to do in this report is say to CEOs, ’You may not realise that whole segments of your business are almost completely dependent on the Internet, and it’s not enough to have a few IT specialists to help you respond to problems as they come up,’" Lehner says.
Judging the risk
Stephen Crocker, an Internet pioneer and chairman of the Security and Stability Advisory Council of the Internet Corporation for Assigned Names and Numbers (ICANN), says he tries to walk a line between "Chicken Little, things-are-terrible" scenarios and "Pollyanna, the-world-is-wonderful" views of the Internet.
He says, for example, that he worries little about a physical attack on the Internet – against major hubs, lines and so on. "I don’t know of any physical attack that would have any widespread or long-lasting effect," he says. "The Internet is pretty robust at the physical layer. There are just too many alternate paths available."
But the Internet is not so robust at other layers, admits Crocker, the CEO of Shinkuro, a Bethesda, Md.-based developer of information-sharing technology. He points to the possibility of "systematic failure of operating systems like Windows, or penetration by worms that run rampant and cause massive amounts of chaos," or floodlike denial-of-service attacks.
Still, he says, these kinds of disruptions, although annoying and potentially quite costly, are typically resolved in a matter of hours and thus stop short of being the kind of catastrophe that the Business Roundtable report contemplates.
Others agree that the risk of catastrophe is minimal. Asked if he worries about an Internet meltdown, Michael Long, senior vice president of global services at Siemens Medical Solutions, says, "Anything is possible, certainly, with things today like the terrorism situation. But we are pretty confident that if we did have an Internet hiccup, we’d go with alternate communication paths."
In fact, he says, he views the Internet as something of a backup for his dedicated lines from AT&T and Verizon.
Malvern, Pa.-based Siemens Medical Solutions provides application hosting for more than 1,000 health care customers at 600 sites, mostly through private, dedicated lines.
Long does concede that certain functions would be a "challenge" without the Internet. For example, Siemens uses the Internet extensively for troubleshooting and remote diagnostics by its major IT vendors, IBM, Hewlett-Packard and Cisco Systems. Also, the company receives 1 million e-mail messages a week via the Internet, he says.
There is a good chance that parts of the Internet will fail from time to time, says Neal Puff, CIO of Yuma County, Ariz. "But having been based on the Arpanet and designed to keep functioning when pieces are broken, it seems less likely that the entire Internet would stop working."
The county currently accesses its ERP applications via a virtual private network over the Internet, and it offers many Web services to citizens from its own data centre, also via the Internet. But Puff says that because of reliability concerns, he wants to flip that around, offering externally facing services from a distant site and hosting applications for internal use in his own data centre.
Puff says it is less likely that the Internet would be disrupted at a hosting company in a big metropolitan area that has a robust infrastructure and a lot of redundancy than it would be in sparsely populated Yuma County. Conversely, internal users are less likely to lose the use of their corporate applications if those applications reside in the data centre and don’t depend on the Internet.
These moves will offer some protection against network outages, but not 100% protection, Puff acknowledges. "If the entire Internet goes down, everyone’s in a world of hurt, but I try to look at the probabilities."
BNSF Railway Co. in Fort Worth, Texas, also uses a private, non-Internet network for its core operations and for transactions with major customers. But it uses the Internet for many less-critical functions that would be painful to lose if the Internet went down, says Beth Bonjour, assistant vice president for technology.
For example, BNSF uses the Internet for its customer help desk and to provide shipment-tracking information to smaller customers. Offering customers self-help via Web sites allowed BNSF to reduce its support staff, but now the railway doesn’t have adequate staffing to handle the fax, telephone and other means of communication that it would be necessary to use if the Internet went down. There have been some limited Internet outages, Bonjour says, "and it’s not pretty."
Inconvenient at best
Similarly, Intermountain Health Care in Salt Lake City uses a dedicated WAN to communicate with its major hospitals and clinics, but it uses the Internet for many other things, such as contact with vendors and health plan brokers and for access to WebMD, an online source of health advice. There are backups for some of those things. For example, ordinary telephone service can be used to communicate with vendors. But for others, such as broker relations, there is no backup. "It would be encumbered tremendously if the Internet went down," says Marc Probst, CIO at Intermountain.
Asked in a telephone interview if Internet alternatives are part of Intermountain’s disaster recovery and business-continuity plans, Probst says, "We haven’t sat down and gone through that kind of thinking. It’s probably a very good thing to do, and we will, right after this phone call."
ICANN’s Crocker says that although the Internet has serious vulnerabilities, some of them could be patched relatively easily. He urges IT and business leaders to speak up and demand better technology. "Today, the network operators, equipment vendors, government and business all seem to accept the idea the network is inherently dangerous and can’t be modified in any useful way. I think that’s fundamentally wrong."
He points to a number of practical proposals for Internet improvements that have gone nowhere, including Internet Best Current Practice 38.
Crocker says the Business Roundtable report and similar critiques carry an "implied assumption" that individual companies can protect themselves. There is some truth to that, he says, because companies can, for example, get multiple copies of critical systems running in different locations, albeit at considerable expense.
But he says that the most important thing companies should do is to band together to improve the overall situation. A "first-class" CIO, Crocker says, should approach his CEO with this message: "Boss, we need to take care of ourselves, but we also need to organize into a powerful user group and bring some pressure on vendors so that the network is fundamentally safer tomorrow than it is today."