[AusNOG] Risks to country and business infrastructure

[Mark Newton]

On 5 Sep 2019, at 11:55 PM, Chris Macko <chrismackozdell at gmail.com> wrote:
> Examples of this include TIA942 and the Uptime Institute specs requiring bullet proof glass yet no one has a procedure to stop 1kg let alone 100kg of servers filled with explosives from entering our data centres disguised as normal server equipment within fully racks brought in by clients during colo moves.

That’s a bit of a movie-plot threat, though.

If an adversary has reached the point where that’s a sensible tack for them to take, I’m going to offer that nothing your company does is going to be capable of stopping them because your imagination is unlikely to be as good as theirs, and we’re well into the realm of heavy law enforcement or light military response.

I expect that most of this community’s denizens will find that they’re protected from this (supposed) threat by being in multiple locations in any case. Unless you’re going to up the movie plot stakes by saying the adversary is in all of them at the same time.

(Can I also point out that the threat posed by smuggled explosives is indistinguishable from the threat posed by earthquake, flood, or fire, and companies with business continuity plans capable of withstanding completely predictable natural disasters have no need to invest additional stress into dealing with the next Die Hard sequel? You’re either prepared or you aren’t; And everyone already knows how to prepare, they just differ in how much they want to spend doing it)

  - mark