They do, for the most part, and for most of the agencies (DOD, FBI, CIA, DHS, etc...). They have redundant network capabilities served both by wired and wireless means (micro-wave and satellite transmission capabilities). The "business" apps at those agencies do not necessarily have a private network. The terminals that serve you the internet at a great many of these agencies also have access to these other applications that interact with the "shadow" networks. Also, the same network providers that provide you and me with our "pipe" (AT&T, Verizon, Quest, etc...) also provide the "pipes" to the other, "shadow" networks. Should the systems at those installations become targets for malicious assault, then it could shut down entire sectors of the economy. The NASDAQ is one such "highly available" system that could be harmed, even though they have their own network. The financial networks that carry SWIFT, Cirrus, Visa, and ATM transactions would be susceptible even though they are on private networks. I'm not sure how turning "off" the internet will help. Wouldn't removing access to the internet have the same effect as a DDOS attack? The outcomes are the same aren't they (i.e. loss of connectivity)? The real goal of cyber attack is either one or both of the following:
Gain Access
Deny Access
If I were a cyber-assassin bent on disabling large networks for the purpose of disrupting an economy, I now would have two tactics available to me. I could launch my DDOS against a financial network or sufficiently large commercial target and hope to disrupt their capabilities. The other tactic would be to launch the assault and wait for the "kill" switch to be engaged. The outcome in both of those scenarios is favorable to the attacker.
"Life sucks, but it's better than the alternative." -- Peter da Silva
