On Thu, 5 Sep 2002 sgorman1@gmu.edu wrote:
Is there a general consensus that cyber/internal attacks are more effective/dangerous than physical attacks. Anecdotally it seems the largest Internet downages have been from physical cuts or failures.
I think you have a sampling bias problem. The "biggest" national/international network disruptions have generally been the result of operator error or software error. Its not always easy to tell the difference. It may be better for carrier PR spin control to blame a software/router/switch vendor. Until recently physical disruptions have been due to causes which don't effect the stock price, carriers were more willing to talk about them. Carriers usually don't fire people due to backhoes, hurricanes, floods, or train derailments. What does this say about the effect of an external or internal cyber-attack? Not much. Naturally occuring physical and procedural disruptions have different properties than a directed attack. Not the least is hurricanes and trains don't read NANOG, and generally don't alter their behavior based on the "recommendations" posted. Wouldn't you prefer a good game of chess?