Thaddeus Howze explains how the Internet is threatened by a number of very real vulnerabilities.
CNN recently released an article discussing the vulnerability of the world’s largest, and arguably the most important, artifact ever created, the Internet. In the article: Four ways the Internet could go down, David Eagleman stresses that natural biological systems are vulnerable to the potential for failure.
The Internet is increasingly acting more like a biological nervous system for worldwide communications. Eagleman posits the fact the Internet is vulnerable to a variety of forces beyond our control such as radiation from the sun, but he also stresses man-made forces are capable of destroying parts or all of the Internet.One of the least controllable conditions, a major solar flare, could blanket the Earth in ionizing radiation and disrupt parts or all of the primary electronic components of the computers—which comprise the Internet’s DNS database. This database helps computers recognize and transmit information to other computers on the planet-wide network and without them, network addresses would be strings of numbers instead of names. Instead of typing CNN.com, you would have to memorize http://157.166.255.19/. Now think of doing that for every webpage you have ever had to or wanted to go to. It is this database that makes the Internet user-friendly.
♦◊♦
The second threat, which I have talked about in several articles is the ever-increasing threat of cyber-warfare. This is the notion of using the Internet to engage in attacks against other parties in order to gain information, influence, control of resources or to damage infrastructure in a competitor’s environment.
Two decades ago, books such as William Gibson’s Neuromancer posited the idea of a highly-connected world where warfare and espionage had moved to “cyberspace,” a computerized matrix of corporate-controlled virtual realms where different agencies were fighting for control of the world’s wealth. Life imitates art twenty years later with the beginnings of Cyber-warfare being fought on a number of fronts.
Originally the threats to the shared computerized space or cyberspace were poorly programmed computers, physical network limitations, communications limitations and early programming viruses. These threats were initially quite small but grew larger and more sophisticated with time. As limitations in connectivity were overcome, programmers became more capable of affecting machines outside of their environments. Then viruses went from being a local phenomenon to being an issue that could cover entire networks.As networks grew more complex and connected, viruses could move farther and faster. Now, virus or malware programmers seek to find zero-day exploits, a programming hole that can be utilized to move information, control machines, or plant more advanced programs at a later date as soon as programs are released to the public but before such errors can be recognized by the company releasing them.Even this would be less of a threat if it weren’t being escalated by:
- Private citizens, seeking to gain access to lucrative data being moved across the net. These are hackers who are in small groups but not allied with any particular criminal organization. These groups create botnets, hijacked computer systems, to expand into private businesses and citizens information, harnessing those computers, stealing private information such as banking or password information.
- Information anarchists such as LulzSec or Anonymous who believe corporate control of the internet is decreasing the freedoms of people who use it, use their vast knowledge of system vulnerabilities to bring down services of agencies and companies with whom they disapprove.
- Organized crime which has moved into computing with a vengeance and bringing vast amounts of money, slave-labor hours and dogged determination to finding vulnerabilities, particularly in financial network and cloud systems. Organized crime is gathering smaller hacking groups and luring them with promises of money and power, growing faster than any other group on this list. This group is responsible for more of the malware being seen in portable devices using the iOS or Android operating systems.
- Governments are also battling for supremacy of the growing number of infrastructure machines appearing on the internet every day and which are often running outdated and insecure technologies vulnerable to hacking, cracking or malware from any of the aforementioned groups.
- The U.S. government has created its own cyber-enforcement agency called the United States Cyber Command (USCYBERCOM) an armed forces sub-unified command subordinate to the United States Strategic Command in Fort Meade, Maryland and is led by General Keith B. Alexander. Their mission is to centralize cyberspace operations, organize technological resources and synchronize defense of US military networks.
♦◊♦
One of the last threats Eagleman mentions is the threat of political mandates, where either an agency or government tries to wrest control of the Internet for political means. Governments have already tried to mandate what is visible on the Internet. The Great Firewall of China is an example of such controls. The firewall limits what citizens of China are able to access on the internet and is controlled the state. You can see if a website is proscribed by checking http://www.greatfirewallofchina.org/and adding a website address.
Other governments who have tried to regulate the internet include Egypt, Iran and the United States. The idea of the Internet “Kill Switch” has been removed from the latest cyber-security bill being presented before Congress. Other ideas for controlling information or how that information is used include PIPA, CISPA and ACTA, all government-driven mandates designed to control who can see what private information is being moved across the Internet. You can study each of these directives at the link and learn how the Internet may be regulated in your lifetime.
♦◊♦
The last threat to the Internet is a physical one. Eagleman mentions that each major continent connects to every other continent on the internet via a series of fiber-optic cables running across the ocean floor. These cables, previously unmolested, have now come under attack since they constitute a connection to the internet at large. Cables are now being attacked physically causing nations to lose access to the Internet.
Is this the early part of a physical initiative to affect worldwide communications? It’s anyone’s guess, but what it does mean is our communications grid, which is slowly migrating to the Internet with the advent of cloud computing and other distributed technologies, is vulnerable.
We are increasingly more vulnerable to physical disruptions and this should keep us all worrying about how such services are going to be protected in the future. It is estimated that there will be 15 billion devices accessing the Internet by 2015. With so much information being developed, stored, managed, controlled, and used world-wide, I renew my belief that we should be planning for the exponential growthof the Internet Commons and its needs for power, security, reliability, redundancy and sustainability.The Internet has become a secondary nervous system for humanity. And just like our own nervous system, damage to it could conceivably cripple us temporarily and if we continue to build on it, such damage could be the cause of a catastrophic system failure to our society if we don’t plan for the unexpected while there is still time.
*Editor’s note: Okay, yeah, it’s not just about porn, but seeing as most estimates indicate that 20% of people’s pornography comes from the Internet (if you include novelties and strip clubs as “porn” – if you don’t consider those things pornography, that figure must skyrocket), then your porn supply could be under serious threat if the Internet becomes dysfunctional for whatever reason!
Image of cord with electricity courtesy of Shutterstock
The UN has declared internet access a basic human right now.
ht tp://www.globalpost.com/dispatch/news/politics/diplomacy/120706/un-deems-internet-access-basic-human-right-0
It’s alarming the controls some entities want for the internet, the anti-piracy measures trying to be born by interests in the U.S.A I think are one of the hugest threats to the internet as it is. I really do fear draconian measures and laws could be introduced which can potentially harm many millions or billions of people with the threat of legal action (in many cases damn near extortion), a clear disregard for what the majority of the population want and seemingly a willingness to cater to corporate interests above the people’s interests.
The biggest threat though would be censorship. How are we to know when bad stuff happens if it’s censored out? I wouldn’t be surprised if the wikileaks debacle causes some extreme lockdowns on what information is shared. We’ve had regimes lock down the internet to try control the information it’s people get and I doubt it’s going to get any better soon. It may eventually cause a lot of people to use encryption to speak freely to only those they want to speak with or share information with, which could be encryption itself in the sights for restriction. I truly wouldn’t be surprised if there were attempts to lock down on encryption tools, or a need for a license to use them (and maybe a backdoor or 2 in them for government..).
It’s amazing the support you can get by stating something is to stop terrorism or more recently, Child porn. To be against an internet filter like we saw in Australia means you would get accusations of supporting child porn, terrorism, crime, etc. What politician wants to be seen as supporting child porn? Only the guilty have something to hide right? Privacy isn’t a right it seems, it’s a privilege that can be revoked.
I am hard pressed to decide which of these issues will be the most potentially damaging. Censorship is certainly one of the most dangerous, since if you can edit the information on the Internet, or control who can use it, you have basically undermined its total value to “free societies.” But I would not ignore the threat of malware as it has become one of the most talked about and fastest growing problem and continuing to be a threat because of how many hand-held devices will be on the Internet in the coming years. Most of those devices are still completely unprotected and vulnerable to a variety of malware attacks from a wide array of sources. Secure your devices, watch what you download, and keep a backup of all your files. The Wild West is going to be happening again, this time our phones, privacy and personal security are up for grabs to the forces best prepared to take advantage of the ignorance of the general populace.
I have to say that the Porn Headline was a bit OTT! P^)
I have been discussing Net security for some time with organisations that represent the Elders in our community. All the security points above are very accurate and well made, but individual impacts are far less well grasped.
There has been an ongoing move in social care from human to technological – the much vaunted TelePresence – remote monitoring of vulnerable adults through remote sensors – the motivation Cost Cutting and supposed independence.
Historically, any form of TelePresence has been minor, and usually in the form of an alarm system to summon help with a dedicated and protected phone line to provide real security. That costs money. Now there have been attempts to have the same service provided over net connections, and there is a big issue of what happens when your router has no power.
I explained to one family the set up they would need to ensure that extended TelePresence (pressure pads under seating, even in the bed, to measure the length of time a person was stationary – motion detectors in all rooms to verify location and even motion – not much use granny collapsing on the floor of the kitchen if you only measure her time sitting in one chair in another room – even sensors on doors and windows to signal if the person enters or leaves the building – or even if someone else enters and leaves by a back window with your money and TV) – well to achieve that lot it requires some rather sophisticated and expensive back up Kit!
1) A very large and high capacity UPS (Uninterruptible Power Supply) Unit to maintain all sensors (Estimated cost £10,500.00 – $16,000.00 UK sales taxes included)
2) A dedicated ring main/power supply wiring to allow all sensors and that important router to be connected to the UPS
3) A dedicated and priority phone line to be in place so that should the net go down a phone alert can be made without the router or the net
4) A number of other safeguards, such as making sure that all TelePresence appliances are hard wired to the power supply to prevent accidental disconnection, and that there is a positive signal presence so breakdown is alerted by loss of signal.
The reality was that the family were being told that the actual costs were a few pounds per month to pay for a net connection, and even being told that there was a bonus for the lone Grandparent in that they would be able to make world wide unlimited phone calls using Voip.
I know of one family who were being told all about Wireless TelePresence and how that would save costs – but no-one could explain how the Wireless Receiver was to be powered and protected for sort of 24/7 365 coverage. It seemed that it was just assumed that there is no such thing as a power cut – phone outage – and that the net is a eternal system that never goes Snafu!
They were also bemused as to how Granny was to be fed and watered over the net?
Yup – there are big security issues that come from the Internet’s Infrastructure and so many vulnerabilities. But in reality the biggest risk factor is the faith people are putting in a technology that can vanish so quickly, and how it’s being peddled as a way to cut costs at the potential cost of lives.
Now just imagine granny with dementia sitting in her home with no power and no router to mention to the net that she has not moved for 3 days! Makes a DNS look up and remembering and IP address child’s play!
I do wonder how many people actually have multiple DNS services programmed in their network cards and routers? There is a nice tool that can help to address that one – http://www.grc.com/dns/benchmark.htm – it allows you to find not just the fastest services for you – but also the IP addresses which you can add to your own computers DNS look up system. I have quite a few programmed – especially ones that are outside of earthquake zones and known storm tracts. I do like to be safer than sorry! P^)
… and don’t forget the DNS for your wireless connections too!