Editor's note: David Eagleman is a neuroscientist, Guggenheim Fellow, and New York Times bestselling author. His latest books are "Incognito: The Secret Lives of the Brain" and "Why the Net Matters."
(CNN) -- The Internet was designed to be robust, fault-tolerant and distributed, but its technology is still in its infancy.
The fact that the Web has
not stopped functioning in its initial decades sometimes encourages us
to assume that it never will. But like any system, biological or
man-made, the Internet has the potential to fail.
Monday's "DNSChanger" malware problem,
which affected some 200,000 computers, was much hyped and ultimately
inconsequential. But here are four maladies that really do have the
potential to wipe out Internet access on a massive scale.
1. Space weather
David Eagleman is a neuroscientist and a New York Times bestselling author.
When
you think about Web surfing, you probably don't worry about what's
happening on the surface of the sun 92 million miles away. But you
should. Solar flares are one of our most serious threats for our
communication systems.
Consider satellite
failures. One afternoon in 1998, the Galaxy IV, a $250 million satellite
floating 35,000 kilometers above the planet, suddenly spun out of control.
The main suspect is a solar flare: the sun was acting up at that time,
and several other satellites (owned by Germany, Japan, NASA and
Motorola) all failed at the same moment.
The effects were instant
and worldwide. Eighty percent of pagers instantly went down. Physicians,
managers and drug dealers all across the United States looked down and
realized they were no longer receiving pages. NPR, CBS, Direct PC
Internet and dozens of other services went down. It is estimated that in
recent years at least 12 satellites have been lost due to the effects
of space weather.
But it's not just
satellites that we have to worry about. When a massive solar flare
erupts on the sun, it can cause geomagnetic storms on the Earth. The
largest solar eruption recorded so far was in 1859. Known as the
Carrington flare, it sent telegraph wires across Europe and America into
a sparking frenzy.
Since that time, the
technology blanketing the planet has changed quite a bit. If we were to
get another solar flare of that size now, what would happen? The answer
is clear to space physicists and electrical engineers: it would blow out
transformers and melt down our computer systems. In a small disruption
in 1989, an electromagnetic storm arrested power throughout most of
Quebec and halted the Toronto stock market for three hours.
A major solar event
could theoretically melt down the whole Internet. What earthquakes,
bombs, and terrorism cannot do might be accomplished in moments by a
solar corona.
Given our dependence on
the communication systems of our planet, both satellite- and
ground-based, this is not simply a theoretical worry. The next major
geomagnetic storms are expected at the peak of the next solar sunspot
cycle in mid-2013, so hang on tight.
2. Cyberwarfare
As our dependence shifts onto the Net, so do our vulnerabilities.
David Eagleman
David Eagleman
Wars of the future will
be fought less by rugged soldiers in the field and more by smart kids
perched in front of computers slamming energy drinks. As our dependence
shifts onto the Net, so do our vulnerabilities.
This future can already
be detected in the tight relationship between corporeal conflicts and
cyber attacks. When one examines the physical conflicts between India
and Pakistan, the Israelis and Palestinians or the parties in the
collapse of Yugoslavia, the escalation of real-world violence is
immediately mirrored by cyber-space warfare.
The main targets in
cyberwar are largely military targets, but increasingly large
multinational corporations serve just as well. Take one of them down,
even temporarily, and you have done more damage to the economy of your
enemy than scores of soldier deaths.
Since the beginning of
the computer era, the 1960s, there have been computer viruses: programs
that latch onto a host system to reproduce themselves and send out new
copies. Just as in biology, as computers have evolved in sophistication,
so have viruses co-evolved. And the cousins to the viruses, worms, do
not even need a host system but can multiply themselves over networks.
Given the defenses in place, are these parasites only a minor theoretical concern? No. Consider the Stuxnet worm
that raised its head in 2010. This worm zigzagged its way into Iranian
industrial systems, reprogrammed them, hid its tracks and wrecked the
factory operations. Seemingly coming from nowhere, Stuxnet introduced
itself as a destructive, unstoppable herald of what's to come.
It will surprise no one
that cyberwarfare of the future will involve targeting not only military
and industrial targets but Internet connectivity for the general
population. If you want to take down your enemy, start by shredding his
Net.
3. Political mandate
In the face of the 2010
post-election riots in Iran, the government there shut down the Internet
for 45 minutes, presumably to set up filtering of YouTube, Twitter and
other sites. Egypt did the same during its revolution of early 2011.
China is actively pursuing the capability to shut down its own Internet
this way.
In the face of 2010 post-election riots in Iran, the government there briefly shut down the Internet.
But it's not just
countries like Iran and China that think about this kind of control over
the Web. On June 24, 2010, a Homeland Security committee in the U.S.
Senate approved a bill giving the president authority to wield an
"Internet kill switch." The bill, Protecting Cyberspace as a National
Asset Act (PCNAA), proposed to give the president "emergency authority
to shut down private sector or government networks in the event of a
cyber attack capable of causing massive damage or loss of life."
The "kill switch" provision was removed from the version of the cybersecurity bill that's before the current Congress.
It's probably just as
well. Almost unanimously, Internet security analysts feel that shutting
down the Web would inevitably do more harm than good, given our
predicted level of dependency on it in time of war for news,
communication with loved ones and crisis information aggregation.
Security guru Bruce
Schneier identifies at least 3 problems with the shutdown idea. First,
the hope of building an electronic line of fortifications is flawed
because there will always be hundreds of ways for enemies to get around
it. No nation or legal decree can plug all the holes.
The second major problem
is that we will be entirely unable to predict the effects of such an
attempted shutdown. As Schneier puts it: "The Internet is the most
complex machine mankind has ever built and shutting down portions of it
would have all sorts of unforeseen ancillary effects."
The third major problem
is the security hole it exposes. Once a domestic Internet kill switch
has been built, why would a cyberattacker concentrate his efforts on
anything else?
Given that the number of
people who could use the Internet for good in a crisis situation will
presumably outnumber the bad guys, it is probably best to not cut off
our heavy dependence on the Web just as things are going bad. Given that
a recent survey by Unisys found 61% of Americans approve of the
Internet kill-switch concept, this issue will require constant
vigilance.
Tell your congressmen: Back away from the switch, slowly.
4. Cable cutting
Although satellites are
used for some Internet traffic, more than 99 percent of global Web
traffic is dependent on deep-sea networks of fiber-optic cables that
blanket the ocean floor like a nervous system. These are a major
physical target in wars, especially at special choke-points in the
system. And this is not simply a theoretical prediction, the underwater
battles are well underway.
Technicians lay a fiber optic cable in October 2011 to allow Gabon and 22 African countries to get an Internet connection.
As much as three-fourths
of the international communications between the Middle East and Europe
have been carried by two undersea cables: SeaMeWe-4 and FLAG Telecom's
FLAG Europe-Asia cable. On January 30, 2008, both of these cables were cut, severely disrupting Internet and telephone traffic from India to Egypt.
It is still not clear
how the cables were cut, or by whom. And for that matter, it is not
clear how many cables were cut: some news reports suggest that there
were at least eight. Initial speculations proposed that the cuts came
from a ship anchor, but a video analysis soon revealed there were no
ships in that region from 12 hours before until 12 hours after the
slice.
Those cables were only
the beginning. A few days later, on February 1, 2008, an undersea FLAG
Falcon cable in the Persian Gulf was cut 55 miles off the coast of
Dubai. On February 3rd, a cable between the United Arab Emirates and
Qatar was cut. On February 4th, the Khaleej Times reported that not only
these cables, but also two more, a Persian Gulf cable near Iran, and a
SeaMeWe4 cable off the coast of Malaysia.
These cuts led to
widespread outages of the Internet, especially in Iran. Suspicions that
this reflected underwater sabotage derived in no small part from the
geographical pattern: almost all the cables were cut in Middle Eastern
waters near Muslim nations. Who might have done it? No one knows. But it
is known that the U.S. Navy has deployed undersea special operations
for decades. In Operation Ivy Bells, for example, Navy divers appear to
have swum from submarines to tap an undersea cable in the Kuril Islands.
Whatever the truth
behind the incident, we see that if a government or organization wants
badly enough to sabotage the telecommunications across a wide swath, it
is possible. New deep-sea cables are urgently needed to protect the
global economy because businesses worldwide are vulnerable to the
targeting of "choke points" in underwater communications.
Whether by terrorists, governments or cyber-pirates, these weak points in the chain should be keeping us all up at night.
What to do about it
The Global Seed Vault
in Svalbard (a small island in the Arctic) is a secure bank for the
future of the world. It holds duplicate samples -- that is, spare copies
-- of seeds held in gene banks worldwide. The seed vault provides
insurance in the event of large-scale regional or global crises.
If a nuclear winter,
say, were to wipe out all the crops on the planet, future generations
could reboot the agricultural system by hoofing it out to Svalbard.
I propose that we need to have a similar backup security plan for the human knowledge that underlies the Internet.
I'm not suggesting
something like the Way Back Machine, which takes snapshots of websites
through time. I'm instead talking about simple instructions, burned onto
physical media, for how to generate electricity, how to build a
computer, how to build a router and how to reconstitute the Internet
from basic principles.
The Web appears to be
the single most important technology that has ever been invented. We
have been the generation lucky enough to witness its inception, and we
are now the ones responsible for its protection.
No comments:
Post a Comment