Critical infrastructure protection: Secure the hubs, not the spokes
This principle is a direct consequence of the first principle. Critical infrastructure sectors are organized as networks with hubs. The hubs are the critical nodes, so the next step in infrastructure protection is to protect the hubs. Given limited resources and the fact that most sectors are extremely large, we cannot afford to protect everything, so we opt to protect only the critical nodes.
For example, the Internet is known to contain approximately 250 million servers; all are important, but only a few are critical. The current strategy of protecting each and every server is not effective and is very expensive. Information technology managers are spending far too much time and money on cyber-security, anti-viral software, and restrictive operating procedures.
An asymmetric alternative or counter-strategy to the current approach is to protect the hubs of the Internet. These are the servers with the largest connectivity to the Internet. In fact, the Internet is highly clustered around fewer than 250 servers—the top 250 hubs. What happens to cyber-security when these 250 or so servers are hardened against computer worms and viruses? They stop spreading, and eventually the malicious worm or virus dies out.
By securing the hub servers of the Internet, we protect all servers. This surprising result is actually intuitive if you think asymmetrically about it. Consider this: Most traffic, and thereby most worms and viruses, are propagated by the most active servers, the hubs. If these "promiscuous" servers are protected, they cannot spread worms and viruses, and if they stop the spread of malicious software, nearly all propagation halts. This is intuitively obvious, but it will be demonstrated in a rigorous manner in Chapter 13.
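The propagation claim above can be checked numerically. The following Python model is an added example, not from the book: it builds a preferential-attachment graph as a stand-in for the hub-dominated topology of the Internet (an assumption), hardens either 100 random servers or the 100 largest hubs, and compares the adjacency spectral radius lambda_max of what remains, since a worm with reinfection (SIS model) can persist only when its infection-to-cleanup ratio beta/delta exceeds 1/lambda_max; a direct simulation is run alongside for comparison. Graph size, hardening budget and the worm parameters are illustrative values chosen here.

```python
import random
def scale_free_graph(n, m, seed=1):
    """Preferential attachment: each new node links to m nodes chosen by degree, so hubs emerge."""
    rng = random.Random(seed)
    adj = {v: {u for u in range(m + 1) if u != v} for v in range(m + 1)}  # fully connected core
    urn = [v for v in range(m + 1) for _ in range(m)]  # one slot per unit of degree
    for v in range(m + 1, n):
        adj[v] = set()
        while len(adj[v]) < m:
            u = rng.choice(urn)  # degree-proportional choice; v itself is not in the urn yet
            adj[u].add(v); adj[v].add(u)
        urn += list(adj[v]) + [v] * m
    return adj

def spectral_radius(adj, immune, iters=200):
    """lambda_max of the graph with `immune` nodes removed (power iteration on A+I)."""
    live = [v for v in adj if v not in immune]
    x = {v: 1.0 for v in live}
    for _ in range(iters):
        y = {v: x[v] + sum(x[u] for u in adj[v] if u not in immune) for v in live}
        norm = sum(t * t for t in y.values()) ** 0.5
        x = {v: t / norm for v, t in y.items()}
    return sum(x[v] * sum(x[u] for u in adj[v] if u not in immune) for v in live)  # x^T A x

def hub_set(adj, k):             # harden the k highest-degree servers
    return set(sorted(adj, key=lambda v: -len(adj[v]))[:k])
def random_set(adj, k, seed=2):  # harden k arbitrary servers, for comparison
    return set(random.Random(seed).sample(sorted(adj), k))

def sis_final_fraction(adj, immune, beta, delta, steps=300, seed=3):
    """SIS worm: infect each susceptible neighbour w.p. beta per step, get cleaned w.p. delta."""
    rng = random.Random(seed)
    live = [v for v in adj if v not in immune]
    infected = set(rng.sample(live, len(live) // 10))  # constructed start: 10% infected at t=0
    for _ in range(steps):
        nxt = set(infected)
        for v in infected:
            nxt |= {u for u in adj[v] if u not in infected and u not in immune and rng.random() < beta}
            if rng.random() < delta:
                nxt.discard(v)
        infected = nxt
    return len(infected) / len(live)  # share of non-hardened servers still infected

def compare(n=2000, m=2, k=100, beta=0.05, delta=0.2):
    """Per strategy: (lambda_max, epidemic threshold 1/lambda_max, infected share at the end)."""
    adj = scale_free_graph(n, m)
    def evaluate(imm):  # the worm persists only if beta/delta > 1/lambda_max
        lam = spectral_radius(adj, imm)
        return lam, 1 / lam, sis_final_fraction(adj, imm, beta, delta)
    return {"random": evaluate(random_set(adj, k)), "hubs": evaluate(hub_set(adj, k))}
```

Hardening the same number of servers lowers lambda_max far more when they are hubs than when they are picked at random, which is the "secure the hubs" argument in spectral form.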
The critical node strategy can also be turned into network warfare by using hubs to purposely spread "killer-virus" software. This software behaves just like a worm or virus, but instead of damaging other computer systems and destroying important information, a "killer-virus" destroys all other viruses. In other words, network hubs can be used as an offensive weapon. In the case of the Internet, we can release killer-viruses "into the wild" and let them hunt down and kill the malicious viruses. The most effective way to do this is to launch them from hubs. Therefore, critical nodes in the telecommunications and information sector can be used for good or evil. Why not use the network structure of most critical infrastructure sectors to launch a counter-attack?