Implications for the Security of the International Information Infrastructure

Abstract

This paper explores which measures used to deal with the Year 2000 (Y2K) problem are also applicable to the future security of information networks in critical infrastructure. As information and communications technology (ICT) become ever more widespread, protection of both the information and the infrastructure upon which it relies becomes important as financial transactions and economies become increasingly global and interdependent. The Y2K problem, whereby computers with two digit year formatting are not able to read 00 as the year 2000, meant that errors would occur in many processes and calculations, such as billing, manufacturing and trade, in both the public and the private sector around the world. After January 2000 had passed, other computer incidents occurred such as the distributed-denial-of-service attacks in the US in February 2000 and the ILOVEYOU virus attacks globally in May  2000. Furthermore, high-level attention to international ICT developments was paid in July 2000 at the G-8 Summit of industrialised countries and at the annual meeting of the United Nations Economic and Social Council (ECOSOC); these all sustained the importance of information infrastructure and its protection.

This work was performed under the auspices of the U.S. Department of Energy by the University of California Lawrence Livermore National Laboratory under contract No. W-7405-Eng-48.

This paper provides some preliminary assessments which are part of a larger project organised jointly by the Center for Global Security Research (CGSR) at Lawrence Livermore National Laboratory and the International Institute for Strategic Studies (IISS), London, on international security implications of threats and vulnerabilities to critical information infrastructure.