Today the SANS Internet Storm Center raised its Infocon Threat Level to “yellow” due to the recently announced backdoor in Juniper devices. I wouldn’t have even known this if someone hadn’t pointed it out to me, and then I felt like I was in an episode of Star Trek. I kept waiting for the ship’s computer to make an announcement so I could strap myself into my chair.
While the level names are different, the colors seem to mirror the old Homeland Security color-coded advisory system, which was eliminated in 2011 due to questions over its usefulness.
According to a story on CNN.com:
“The old color coded system taught Americans to be scared, not prepared,” said ranking member Rep. Bennie Thompson, D-Mississippi. “Each and every time the threat level was raised, very rarely did the public know the reason, how to proceed, or for how long to be on alert. I have raised concerns for years about the effectiveness of the system and have cited the need for improvements and transparency. Many in Congress felt the system was being used as a political scare tactic — raising and lowering the threat levels when it best suited the Bush administration.”
I have a similar experience with SANS’ Infocon and the reactions from management.
Pointy-haired Fearless Leader: OMG, the SANS Infocon is at YELLOW!!! The end of the Internet is nigh!
Much Put-Upon Security Architect: Please calm down and take a Xanax. It’s just a color.
I’d like to propose a simpler and more useful set of threat levels with recommended actions. Let’s call it the Postmodern Security Threat Action Matrix:
| Level | Description | Action |
| --- | --- | --- |
| Tin Foil Hat | Normal levels of healthy paranoia | You can still check your email and watch Netflix. But remember they’re always watching…. |
| Adult Diaper | It’s damn scary out there. | Trust no one. Remember to update your Tor browser. Have your “go bag” ready. |
| Fetal Position | Holy underwear Batman, it’s the end. | Destroy all electronic devices and move into a bomb shelter. The Zombie Apocalypse is imminent. |