Section 9.3 Fanatics and Suicide Attacks

9.3 Fanatics and Suicide Attacks

Sites at risk for attacks by fanatics used to be limited to those in national governments and defense industry. With the rise of extremism in the U.S. and elsewhere, many other sites are now at risk. In the U.S., organizations involved in testing products for safety on animals (instead of on humans), those not considered to be "environmentally friendly," those involved with nuclear power, and those with labor disputes seem most at risk (besides the "traditional" risks involved with government defense and policy). Many of these sites are scientific laboratories and university systems.

U.C. Berkeley is the only university that I am aware of whose police department has its own bomb squad. I got to see it in action one night, complete with a massive steel bomb containment device. In the 1960s, the lecture hall where I took my California History class had been firebombed and suffered major damage. One of the Co-ops where I lived had been teargassed by the National Guard in the 1960s while another one had an LSD factory. While I studied there in the late 1970s, I recall the Berkeley branch of the Bank of America getting blown up twice.

I wrote the previous paragraph on terrorism at a major university for the first edition but it was removed during the review process for being irrelevant. Sadly, the massive attack on September 11, 2001, in New York City, the almost daily deadly suicide bombings in Israel, and India and Pakistan coming to the very edge of nuclear war show otherwise. Besides the unimaginable toll in human suffering it caused, the 9/11 attack caused major disruption in communication throughout the Eastern U.S. and beyond. It also destroyed the only copies of data and only data centers of many organizations and brought down the largest stock exchange in the U.S. for a week.

As a System Administrator, it is essential to have reliable off-site backups and plans for recovery if the data center is destroyed and key people are killed. Terrorism is on the increase throughout the world and, without such plans, many organizations would not recover. Even a natural disaster such as fire, hurricane, tornado, or earthquake can easily destroy all of this and backups if they are stored only a few miles away. For many years, I have been securely copying my critical data to another computer hundreds of miles from mine. At a distant backup site, you should provide sufficient documentation to rebuild the data center from scratch without the key people, as well as store a recent copy of the data. This information should include how to contact vendors. Contracting with a company to maintain a backup data center with occasional drills or contracting with vendors to provide equipment on an "emergency basis" is critical to successful recovery.

There are more details in "Law of the Jungle Physical Security" on page 121.