Homeland Security Requires Securing Internet Infrastructure

The global war on terror, it seems, is far from over. Although U.S. military strategy shifted emphasis from countering Islamic extremists to great-power rivalry in 2018, the war between Hamas and Israel has created a new spawning ground for terrorists intent on attacking America.

FBI director Christopher Wray said as much in congressional testimony on October 31: “The ongoing war in the Middle East has raised the threat of an attack against Americans in the United States to a whole other level.”

Many politicians and pundits have pointed to the U.S. southern border as a place where homeland protections need to be strengthened. The number of individuals on the FBI’s terror watch list apprehended on the southern border has risen dramatically in recent years, to 169 in the 2023 fiscal year ending September 30.

Nearly 500 individuals on the watch list were intercepted at U.S. borders and other points of entry in 2023, and some additional number likely eluded detection.

Thus, any belated efforts now to tighten border security aren’t going to eliminate the threat of attack. Terrorists may already be in the U.S. and actively planning violence.

The nation therefore needs to review measures taken to protect people and assets within its border perimeter. Much of that task necessarily falls to state and local authorities.

One area where Washington has taken the lead is in protecting critical infrastructure. The federal government has an agency focused on securing 16 sectors of essential infrastructure, including chemical plants, electric grids, healthcare facilities and financial networks.

One such sector is information technology, which subsumes much of the hardware and software supporting the internet. Unlike other clusters of critical infrastructure, the complex of internet routers, data centers and links is relatively new, and subject to frequent changes in ownership.

When terrorists last launched major attacks in the U.S. on 9/11, Google was only three years old. Amazon Web Services and Facebook (now Meta Platforms) didn’t exist at all. The internet-based economy, as we know it today, was just beginning to emerge.

Its rise has been so rapid, though, that today many facets of contemporary commerce and culture would be unworkable without continuous access to what was formerly called the World Wide Web.

That includes most of the other critical infrastructure sectors: imagine how financiers, physicians or first responders would function in the absence of reliable internet connections. The way society is now organized, they couldn’t.

Our dependence on the infrastructure supporting the internet is thus pervasive and profound. The good news is that it is a decentralized “network of networks” designed from its inception to work around disruptions. The bad news is that some of its most important nodes are highly concentrated.

For instance, much of the internet’s traffic runs through 275 data centers in Northern Virginia. That’s where the internet originated as a military project, and later entrants to the market tended to cluster around the original hub as a way of minimizing transmission delays (“latency”).

It tells you something about the potential vulnerability of this infrastructure that the Washington Post began a February 10 story by describing the view from a private drone flying over one such complex.

But drone attacks are only one danger among many. The centers might also be compromised by kinetic attacks on the ground, or power-source interruptions, or cyberattacks. The latter don’t even require perpetrators to be within U.S. borders to execute.

Iran, a radical theocracy, has extensive experience with hacking and malware, not to mention kinetic attacks. It undoubtedly shares some of that knowledge with organizations such as Hezbollah.

If terrorists were to succeed in degrading the data connections or software used by the internet’s domestic infrastructure, they could collapse the economy overnight. So, part of bolstering homeland security in the current threat environment must include ascertaining how secure the sinews of the internet are.

Google, operator of the world’s most widely used websites, offers unusual insight into the details of how internet infrastructure must be protected in an online overview of its own security practices. Among the measures it mentions:

  • Its data centers are protected by multiple layers of physical security.
  • All stored data is located on multiple machines at diverse locations and can be shifted automatically in the event of disruption.
  • Backup generators are installed at all data centers to seamlessly kick in if the electricity supply is compromised.
  • Security teams continuously test their readiness to respond to a range of threats.

More generally, the entire Google network is engineered to avoid single points of failure. Rigorous authentication tools are used to monitor who is in the network architecture. End-to-end encryption is utilized to protect data flows, and the entire system operates in a zero-trust mode where perimeter checks are just one of many security measures.

Some of the security practices Google uses, such as building its own servers, are beyond the means of smaller operators. Nonetheless, as the world’s biggest provider of internet services, Google presents a useful model for assessing the security of other market participants.

For better or worse, the internet has become the heart of the U.S. economy. Securing the infrastructure supporting the internet thus is essential to protecting the American homeland. We should not assume that a new generation of terrorists will favor the gross atrocities of the past when the digital revolution affords more creative ways of harming America.

Disclosure: Google contributes to my think tank, the Lexington Institute.
