The Internet Kill Switch Bill – Not Such a New (or Bad) Idea

By Jon Miller ·

During the past several months, there’s been a lot of talk about the “Protecting Cyberspace as a National Act of 2010” Bill (a.k.a. the “Internet Kill Switch Bill”) proposed in the Senate last summer.  With the civil unrest this year in Egypt and Libya, and the governments in those respective countries cutting off Internet access to their citizens, people in the U.S. (and other countries such as the U.K. that are considering this type of legislation) are concerned about the loss of freedoms, as well as the increase of “Big Brother” type control.

Let me start by saying that the idea of restricting communication goes against the fundamental premise of the Internet, which is to perpetuate the free and widespread sharing of information.  However, today we use the Internet for a lot more than sending email and browsing Web sites. And, because we use it for the connectivity of important business functions, such as energy (SmartGrid) and financial systems, the Internet is the next generation of battlefield. China is a great example of a country that is already starting to use the Internet for this purpose. It’s been widely reported that China has developed ways to infiltrate and manipulate computer networks around the world, and has targeted both the private and public sector. A great read on the topic is Northrup Grumman’s report on China’s capabilities to conduct ‘cyber-warfare’.

The possibility of an Internet-based attack that can seriously compromise both the health and safety of U.S. citizens is becoming more and more plausible every day. Stuxnet helped to bring this into focus as the first discovered malware to spy on subvert industrial systems and the first to include a programmable logic controller rootkit. Stuxnet could have been a lot less benign (that’s not to say it isn’t currently infecting U.S. infrastructure and couldn’t morph into a more malicious style of malware). What would have happened if Stuxnet was targeting domestic U.S. control systems and friendly governments as well? The power grid could have been taken down to the point where it couldn’t have been brought back up, and lives could have been lost. The elderly sitting in their houses, relying on oxygen systems could have lost their oxygen supplies…hospitals with reserves lasting only for a specified period of time could have been challenged to sustain patients during the weeks it could have taken to stabilize the grid.

Most people don’t realize that the Communications Act of 1934 actually provides the President with the power to disrupt Internet communication in the event of a national emergency. Given the potential seriousness of a breach, I personally agree that this level of authority is appropriate. If and/or when this type of serious action needs to be taken one day, every second is going to count – it will be kind of like deploying a nuclear weapon. There won’t be time to rule by committee. The economic implications of turning off the Internet would be HUGE, amounting to billions and even trillions of dollars impacting not only the U.S. economy, but also the global economy.  I would feel much better knowing that this capability would be controlled by someone with the full insight into the repercussions, and the capacity to make a fully-informed decision, rather than someone on the local level.