By David Eagleman, Special to CNN
July 10, 2012 -- Updated 2003 GMT (0403 HKT)
David Eagleman is a neuroscientist, Guggenheim Fellow, and New York Times bestselling author. His latest books are "Incognito: The Secret Lives of the Brain" and "Why the Net Matters."
The fact that the Web has
not stopped functioning in its initial decades sometimes encourages us
to assume that it never will. But like any system, biological or
man-made, the Internet has the potential to fail.
Monday's "DNSChanger" malware problem,
which affected some 200,000 computers, was much hyped and ultimately
inconsequential. But here are four maladies that really do have the
potential to wipe out Internet access on a massive scale.
Monday's Internet blackout: Justifiable hysterics or just hype?
1. Space weather
When you think about Web
surfing, you probably don't worry about what's happening on the surface
of the sun 92 million miles away. But you should. Solar flares are one
of our most serious threats for our communication systems.
Consider satellite
failures. One afternoon in 1998, the Galaxy IV, a $250 million satellite
floating 35,000 kilometers above the planet, suddenly spun out of control.
The main suspect is a solar flare: the sun was acting up at that time,
and several other satellites (owned by Germany, Japan, NASA and
Motorola) all failed at the same moment.
The effects were instant
and worldwide. Eighty percent of pagers instantly went down. Physicians,
managers and drug dealers all across the United States looked down and
realized they were no longer receiving pages. NPR, CBS, Direct PC
Internet and dozens of other services went down. It is estimated that in
recent years at least 12 satellites have been lost due to the effects
of space weather.
But it's not just
satellites that we have to worry about. When a massive solar flare
erupts on the sun, it can cause geomagnetic storms on the Earth. The
largest solar eruption recorded so far was in 1859. Known as the
Carrington flare, it sent telegraph wires across Europe and America into
a sparking frenzy.
Since that time, the
technology blanketing the planet has changed quite a bit. If we were to
get another solar flare of that size now, what would happen? The answer
is clear to space physicists and electrical engineers: it would blow out
transformers and melt down our computer systems. In a small disruption
in 1989, an electromagnetic storm arrested power throughout most of
Quebec and halted the Toronto stock market for three hours.
A major solar event
could theoretically melt down the whole Internet. What earthquakes,
bombs, and terrorism cannot do might be accomplished in moments by a
solar corona.
Given our dependence on
the communication systems of our planet, both satellite- and
ground-based, this is not simply a theoretical worry. The next major
geomagnetic storms are expected at the peak of the next solar sunspot
cycle in mid-2013, so hang on tight.
2. Cyberwarfare
Wars of the future will
be fought less by rugged soldiers in the field and more by smart kids
perched in front of computers slamming energy drinks. As our dependence
shifts onto the Net, so do our vulnerabilities.
This future can already
be detected in the tight relationship between corporeal conflicts and
cyber attacks. When one examines the physical conflicts between India
and Pakistan, the Israelis and Palestinians or the parties in the
collapse of Yugoslavia, the escalation of real-world violence is
immediately mirrored by cyber-space warfare.
The main targets in
cyberwar are largely military targets, but increasingly large
multinational corporations serve just as well. Take one of them down,
even temporarily, and you have done more damage to the economy of your
enemy than scores of soldier deaths.
Since the beginning of
the computer era, the 1960s, there have been computer viruses: programs
that latch onto a host system to reproduce themselves and send out new
copies. Just as in biology, as computers have evolved in sophistication,
so have viruses co-evolved. And the cousins to the viruses, worms, do
not even need a host system but can multiply themselves over networks.
Given the defenses in place, are these parasites only a minor theoretical concern? No. Consider the Stuxnet worm
that raised its head in 2010. This worm zigzagged its way into Iranian
industrial systems, reprogrammed them, hid its tracks and wrecked the
factory operations. Seemingly coming from nowhere, Stuxnet introduced
itself as a destructive, unstoppable herald of what's to come.
It will surprise no one
that cyberwarfare of the future will involve targeting not only military
and industrial targets but Internet connectivity for the general
population. If you want to take down your enemy, start by shredding his
Net.
3. Political mandate
In the face of the 2010 post-election riots in Iran, the government
there shut down the Internet for 45 minutes, presumably to set up
filtering of YouTube, Twitter and other sites. Egypt did the same during
its revolution of early 2011. China is actively pursuing the capability
to shut down its own Internet this way.
But it's not just
countries like Iran and China that think about this kind of control over
the Web. On June 24, 2010, a Homeland Security committee in the U.S.
Senate approved a bill giving the president authority to wield an
"Internet kill switch." The bill, Protecting Cyberspace as a National
Asset Act (PCNAA), proposed to give the president "emergency authority
to shut down private sector or government networks in the event of a
cyber attack capable of causing massive damage or loss of life."
The "kill switch" provision was removed from the version of the cybersecurity bill that's before the current Congress.
It's probably just as
well. Almost unanimously, Internet security analysts feel that shutting
down the Web would inevitably do more harm than good, given our
predicted level of dependency on it in time of war for news,
communication with loved ones and crisis information aggregation.
Security guru Bruce
Schneier identifies at least 3 problems with the shutdown idea. First,
the hope of building an electronic line of fortifications is flawed
because there will always be hundreds of ways for enemies to get around
it. No nation or legal decree can plug all the holes.
The second major problem
is that we will be entirely unable to predict the effects of such an
attempted shutdown. As Schneier puts it: "The Internet is the most
complex machine mankind has ever built and shutting down portions of it
would have all sorts of unforeseen ancillary effects."
The third major problem
is the security hole it exposes. Once a domestic Internet kill switch
has been built, why would a cyberattacker concentrate his efforts on
anything else?
Given that the number of
people who could use the Internet for good in a crisis situation will
presumably outnumber the bad guys, it is probably best to not cut off
our heavy dependence on the Web just as things are going bad. Given that
a recent survey by Unisys found 61% of Americans approve of the
Internet kill-switch concept, this issue will require constant
vigilance.
Tell your congressmen: Back away from the switch, slowly.
4. Cable cutting
Technicians lay a fiber optic cable in October 2011 to allow Gabon and 22 African countries to get an Internet connection.
Although satellites are used for some Internet traffic, more than 99
percent of global Web traffic is dependent on deep-sea networks of
fiber-optic cables that blanket the ocean floor like a nervous system.
These are a major physical target in wars, especially at special
choke-points in the system. And this is not simply a theoretical
prediction, the underwater battles are well underway.
As much as three-fourths of the international communications between the
Middle East and Europe have been carried by two undersea cables:
SeaMeWe-4 and FLAG Telecom's FLAG Europe-Asia cable. On January 30, 2008, both of these cables were cut, severely disrupting Internet and telephone traffic from India to Egypt.
It is still not clear how the cables were cut, or by whom. And for that
matter, it is not clear how many cables were cut: some news reports
suggest that there were at least eight. Initial speculations proposed
that the cuts came from a ship anchor, but a video analysis soon
revealed there were no ships in that region from 12 hours before until
12 hours after the slice.
Those cables were only
the beginning. A few days later, on February 1, 2008, an undersea FLAG
Falcon cable in the Persian Gulf was cut 55 miles off the coast of
Dubai. On February 3rd, a cable between the United Arab Emirates and
Qatar was cut. On February 4th, the Khaleej Times reported that not only
these cables, but also two more, a Persian Gulf cable near Iran, and a
SeaMeWe4 cable off the coast of Malaysia.
These cuts led to
widespread outages of the Internet, especially in Iran. Suspicions that
this reflected underwater sabotage derived in no small part from the
geographical pattern: almost all the cables were cut in Middle Eastern
waters near Muslim nations. Who might have done it? No one knows. But it
is known that the U.S. Navy has deployed undersea special operations
for decades. In Operation Ivy Bells, for example, Navy divers appear to
have swum from submarines to tap an undersea cable in the Kuril Islands.
Whatever the truth
behind the incident, we see that if a government or organization wants
badly enough to sabotage the telecommunications across a wide swath, it
is possible. New deep-sea cables are urgently needed to protect the
global economy because businesses worldwide are vulnerable to the
targeting of "choke points" in underwater communications.
Whether by terrorists, governments or cyber-pirates, these weak points in the chain should be keeping us all up at night.
What to do about it
If a nuclear winter,
say, were to wipe out all the crops on the planet, future generations
could reboot the agricultural system by hoofing it out to Svalbard.
I propose that we need to have a similar backup security plan for the human knowledge that underlies the Internet.
I'm not suggesting
something like the Way Back Machine, which takes snapshots of websites
through time. I'm instead talking about simple instructions, burned onto
physical media, for how to generate electricity, how to build a
computer, how to build a router and how to reconstitute the Internet
from basic principles.
The Web appears to be
the single most important technology that has ever been invented. We
have been the generation lucky enough to witness its inception, and we
are now the ones responsible for its protection.
The opinions expressed in this commentary are solely those of David Eagleman.
By Ksenia Konstantinova
No comments:
Post a Comment