Complex infrastructure often exhibits extreme levels of vulnerability to non-planned events. The reason for this may be found in an area of complexity research called highly optimized tolerance (HOT). HOT research has found that complex networks, like most global infrastructure, exhibit behaviors explained by the design considerations of their makers. The end result of this planning is a network that is extremely robust against certain types of anticipated failures/insults but conversely is hypersensitive to unanticipated classes of uncertainty. NOTE: this isn't as obvious as it seems. Complex systems, like the Internet, operate well beyond the influence of any central management group and the thinking of the original designers. This research shows that the core design and operational decisions made by these groups do have a major impact on the ability of the system to respond to damage.
Design Flaws
The crux of this analysis is that global guerrillas can exploit the assumptions of designers to create major disruptions in complex networks. Further, once this is done, the network will likely work for the attacker by causing damage to itself (from outage responses gone awry to increased costs of operation). NOTE: This is very much the approach Lawrence of Arabia used in his Arab revolt. He attacked the Turks' train system, which the designers/users assumed to be safe because it was well to the rear of the front lines and it traversed remote areas.
NOTE: This next section is an area that I am spooling up on. I do think it is possible to exploit system designer/operator assumptions. These assumptions create systemic flaws and not just spot opportunities. When I get it right, this will be a very useful section.
Global Guerrilla Operations Manual>Infrastructure Attack>Planning
(NOTE: this is a red-hat/oppositional approach to diving into a topic; don't be alarmed.) When planning an attack on infrastructure (oil, electricity, gas, etc.), it is important to consider what the designers of the network had in mind. An examination of assumptions can lead to methods of exploitation. Let's walk through the exercise.
General considerations. All large-scale infrastructure network designers follow the same general process:
- The economic performance of the network needs to be optimized (efficiency often trumps safety).
- They don't have sufficient resources to defend against all potential threats (limited means).
- Security is focused on the most recent, highest profile, and common threats (all of which have some historical basis). NOTE: I know that good network designers would say they make no assumptions as to what future threats would be and they are constantly updating systems in response to new threats and ongoing assessments. However, that isn't the case in the vast majority of deployed systems, particularly large infrastructure networks.
Here are some general assumptions planners use in network design. They will not apply to all systems. These questions are better used as a way to start a thinking process on the topic (NOTE: I am working on these. This list is in the process of revision.).
Make your own list of design assumptions that can be exploited within the system you are focusing on. Rank the potential attacks unearthed through this process according to operational factors.
Sources: Carlson, Doyle (1999) "Highly optimized tolerance: A mechanism for power laws in designed systems."