Watson: Milwaukee's celebrated geek says more potential trouble looms for Internet

He's a self-professed geek and proud of it. And Paul Watson, an information security specialist for Rockwell Automation, is arguably the most famous geek in Milwaukee.

Watson's celebrity surrounds his discovery of a flaw in the Internet that in the wrong hands could have brought the world's data network to its digital knees and cost companies billions. His presentation at CanSecWest 2004 in Vancouver last month turned the obscure Internet security conference into worldwide news event that had some media outlets hailing Watson, 35, as the Internet's savior.

Watson's mild demeanor seems more like Clark Kent than Superman. And he downplays his discovery. Still, Watson emerged from the media blitz as a hacker in a white hat, a Netzien working for the good guys -- despite the terrorist.net domain name that holds his website, which he registered a year before the Sept. 11 attacks because he figured it would be easy for his friends to remember.

And Watson hopes to use his newly found platform to call attention to other threats lurking in the ether that could snap the spine of the world's data backbone.

Watson, known as Tony to his friends, spoke recently with WisBusiness.com editor Brian Leaf.

Leaf: So, you're regularly out there digging in the innards of the Internet?

Absolutely -- even when I'm not at work. I have a home network of 30 different machines and devices. I'll go home and dig back into it at home for four to six hours a night, doing research.

Leaf: When did you think you were on to something here with this flaw in the Internet?

I saw a presentation in Las Vegas from Cisco which said this was an impossible attack. Well, I knew that was wrong. But it amazed me that no one else in the room saw it was wrong. It gave me an opportunity to do some research and get some information out there so everyone realized the real risk. But then as I started doing my work I realized that everyone had looked at all these other factors that when combined together made this attack much easier to do. No one had looked at the secondary and tertiary effects, if this attack were to be used against particular applications, such as BGP (Border Gateway Protocol) on the Internet. BGP is a routing protocol that tells the Internet how to get to places. When you combine all these factors together, I knew this was a possible attack. I just didn't know how devastating this could be.

Leaf: Summarize what the attack is and what some of the possibilities were?

Imagine all the roads in the U.S. If someone were to attack all of the Internet Services Providers and their ability to communicate with each other, it would be kind of like taking out the Interstate highway system. People could still drive on the road, but if all the freeways shut down they would have to take the back way. Everything slows down, gets congested. Eventually it just kind of collapses on itself. That was the big fear of the government because if you can imagine the economic costs of a 24-hour dead Internet. You have financial institutions relying on using the Internet to transmit their data back and forth to partners and other companies. You have credit card transactions go out, financial data not being transmitted. There's a sales impact on certain companies. There was that fear that if you were a sponsored organization, say Al Queda, and were looking for a way to hurt America without having to expose anyone to real danger, the impact would be tremendous.

Leaf: So, how would this have worked?

In a nutshell, what you would do is map out the Internet. There are Web sites that you could go to see how the Internet backbone is configured. Then you would pick key points on the Internet. I'm going to break this Internet connection and that Internet connection. It's like the highway system. If I only had 400 bombs to drop, where would I do the most damage? You'd target the bridges and major intersections. If you can collapse those traffic wouldn't flow. So you'd target those out and the final launch points. You always hear about a virus that runs around and affects a half million computers around the globe. In the past, they've sent out a bunch of spam. In this type of attack, you could get all these different drones you infect with a virus and use them to launch the attack for you. The organization that sponsored this would remain anonymous. Instead of requiring billions and billions of packets that we've seen in the past to say, take out Yahoo for a couple of hours, this would require a whole lot less traffic and not be noticeable until it was too late. Once it actually happened and these network connections were dropped, it would be difficult for these Internet providers to respond. It would collapse the Internet backbone in 5 to 10 minutes. That's a very scary thought.

Leaf: What was the reaction by people when they see a guy living in Milwaukee came up with this whole scenario?

(laughs) Well, it's not as dramatic as an impact of say a patent office worker discovering relativity. A lot of my research was building on other people's work. When I put their work together and added my work on top of it. From some people it was like, "wow, amazing." People who have known me have said, oh yeah, I figured it was you. I'm a tinkering guy. I like to fool around with this stuff.

Leaf: I saw where you refer to yourself as a hardcore geek.

I love the title. In the '80s, being a geek was about wearing pocket protectors and thick glasses. Nowadays, all the movies that are coming out are Xmen and Spiderman and the Hulk. It's cool to be a geek these days. Comic books and computers are definitely in style.

Leaf: What was the reaction at Rockwell?

The company has been incredibly supportive. Once the story started hitting the papers, I actually had two people I work with jump on an airplane and fly to Vancouver to give me some support. For the first two days I only got about three hours of sleep due to the media inquiries. From the moment I stepped off the plane it was like stepping into an episode of the Twilight Zone.

Leaf: Well, it's pretty good PR for Rockwell.

They seem to be very happy with it. They've had a lot of kind words for me. Of course everyone keeps asking me when I plan to leave and I have no intention of doing that. I actually enjoy working here. It's the most incredible company. The people I work with here are A-1. I've worked all over the place and the people here are awesome. The company really knows to take care of employees. This place is really the place to be. So unless someone offers me a whole lot of money, I don't have any plans on moving.

Leaf: It's strange that you do so much work and there is one arbitrary piece that you write that gets all the attention. It really gave you instant credibility. Have there been other offers now for you to speak.

I've received offers from the Black Hat Conference in Las Vegas, which is one of the premier hacker gatherings of the year. RSA Data Security conference which has about 10,000 security specialists around the world has already offered to let me speak at their 2005 conference and I haven't even written a paper yet. So that's exciting. A lot of technical magazines have asked me to do pieces for them, such as IEEE. Even bizarre requests. The LA Times asked me to do an editorial on Internet security. It's weird to have this credibility that you've always had, among your peers. It wasn't among the general community.

Leaf: So have is this your 15 minutes of fame, or are you only a couple of minutes into it?

I'm sure I have had my Andy Warhol moment, but there does seem to be a chance to take advantage of the opportunity to raise some issues. And there are some critical issues out there. I could probably benefit the community by taking advantage of that and presenting work in conjunction with other people, who have some important things to say, not the least of which is the concern that there are 2 to 3 million home computers that are already Trojaned and backdoored with these computer viruses, just waiting for an attack. If someone has control of those machines and nobody is concerned, that's an issue of concern that is terrifying to me. I'm looking at that issue right now. If someone can control so many computer resources without any oversight and nobody going after them, I think we're having a great disservice done to us by those in charge of looking out for our interests.

The WisBusiness Interview is Copyright 2004 WisBusiness Publishing.

Printer-friendly version      Send this article to a friend      Share

Close Window