Showing posts with label SCADA. Show all posts

Monday, October 24, 2016

The Day The Internet Goes Down


This hasn't happened—yet.  But Bruce Schneier, an experienced Internet security expert with a track record of calling attention to little problems before they become big ones, is saying he's seeing signs that somebody may be considering an all-out attack on the Internet.  In an essay he posted last month called "Someone Is Learning How to Take Down the Internet," he tells us that several Internet-related companies which perform essential functions such as running domain-name servers (DNS) have come to him recently to report a peculiar kind of distributed denial-of-service (DDOS) attack.

For those who may not have read last week's blog about ICANN, let's back up and do a little Internet 101.  The URLs you use to find various websites end in domain names—for example, .com or .org.  One company that has gone public on its own with some limited information about the attacks is Verisign, a Virginia-based firm whose involvement with the Internet goes back to the 1990s, when they served as a kind of Internet telephone book for every domain ending in .com for a while, before the ICANN, now an internationally-governed nonprofit organization, took over that job.  Without domain-name servers, networked computers can't figure out how to find websites, and the whole Internet communication process pretty much grinds to a halt.  So the DNS function is pretty important.

As Schneier explains in his essay, companies such as Verisign have been experiencing DDOS attacks that start small and ramp up over a period of time.  He likens them to the way the old Soviet Union used to play tag with American air defenses and radar sites in order to see how good they were, in case they ever had to mount an all-out attack.  From the victim's point of view, a DDOS attack would be as if you were an old-fashioned telephone switchboard operator, and all your incoming-call lights lit up at once—for hours, or however long the attack lasts.  It's a battle of bandwidths, and if the attacker generates enough dummy requests over a wide enough bandwidth (meaning more servers and more high-speed Internet connections), the attack overwhelms the victim's ability to keep answering the phone, so to speak.  Legitimate users of the attacked site are blocked out and simply can't connect as long as the attack is effective.  If a critical DNS is attacked, there's a good chance that most of the domain names served will also disappear for the duration.  That hasn't happened yet on a large scale, but some small incidents have occurred along these lines recently, and Schneier thinks that somebody is rehearsing for a large-scale attack.

The Internet was designed from the start to be robust against attack, but back in the 1970s and 1980s, the primary fear was an attack on the physical network, not one using the Internet itself.  Nobody goes around chopping up fiber cables in hopes of bringing down the Internet, because it's simply not that vulnerable physically.  But it's likely that few if any of the originators thought of the possibility that the Internet's strengths—universal access, global reach—would be turned against it by malevolent actors.  It's also likely that few of them may have believed in original sin, but that's another matter.

Who would want to take down the Internet?  For the rest of the space here I'm going to engage in a little dismal speculation, starting with e-commerce.  Whatever else happens if the Internet goes down, you're not going to be able to buy stuff that way.  Schneier isn't sure, but he thinks these suspicious probing attacks may be the work of a "state actor," namely Russia or China.  Independent hackers, or even criminal rings, seldom have access to entire city blocks of server farms, and high-bandwidth attacks like these generally require such resources.

If one asks the simple question, "What percent of retail sales are transacted over the Internet for these three countries:  China, the U. S., and Russia?" one gets an interesting answer.  It turns out that as of 2015, China transacted about 12.9% of all retail sales online.  The U. S. was next, at about 8.1%.  Bringing up the rear is Russia, at around 2%, which is where the U. S. was in 2004.  Depending on how it's done, a massive attack on DNS sites could be designed to damage some geographic areas more than others, and without knowing more details about China's Internet setup I can't say whether China could manage to cripple the Internet in the U. S. without messing up its own part.  But there is so much U. S.-China trade that Chinese exports would start to suffer pretty fast anyway.  So there are a couple of reasons that if China did anything along these lines, they would be shooting themselves in the foot, so to speak.

Russia, on the other hand, has much less in the way of direct U. S. trade, and while it would be inconvenient for them to lose the use of the Internet for a while, their economy, such as it is, would suffer a much smaller hit.  So based purely on economic considerations, my guess is that Russia would have more to gain and less to lose in an all-out Internet war than China would.

A total shutdown of the Internet is unlikely, but even a partial shutdown could have dire consequences.  Banks use the Internet.  Lots of essential utility services, ranging from electric power to water and natural gas, use the Internet for what's called SCADA (supervisory control and data acquisition) functions.  The Internet has gradually become a critical piece of infrastructure whose vulnerabilities have never been fully tested in an all-out attack.  It's not a comfortable place for a country to be in, and in these days of political uncertainty and the waning of dull, expert competence in the upper reaches of government, you hope that someone, somewhere has both considered these possibilities in detail, and figured out some kind of contingency plan to act on in case it happens.

If there is such a plan, I don't know about it.  Maybe it's secret and we shouldn't know.  But if it's there, I'd at least like to know that we have it.  And if we don't, maybe we should make plans on our own for the Day The Internet Goes Down.

Sources:  Bruce Schneier's essay "Someone Is Learning How to Take Down the Internet" can be found at https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html.  I obtained statistics on the percent of U. S. retail e-commerce sales from the website https://ycharts.com/indicators/ecommerce_sales_as_percent_retail_sales, the China data from https://www.internetretailer.com/2016/01/27/chinas-online-retail-sales-grow-third-589-billion-2015, and the Russia data from https://www.internetretailer.com/commentary/2016/02/08/russian-e-commerce-domestic-sales-slump-chinese-imports-soar.  I also referred to the Wikipedia article on Verisign.

Monday, October 19, 2015

Will ISIS Hack the U. S. Power Grid?


In a meeting of electric-power providers last week, U. S. law enforcement officials revealed that Islamic State operatives have tried to hack into parts of the American power grid, so far without success.  But the mere fact that they're trying has some grim implications.

One of the officials, Caitlin Durkovich, is assistant secretary for infrastructure protection at the U. S. Department of Homeland Security.  She refused to provide specific details of the attacks, but an FBI official said that so far the attacks are characterized by "low capability."

For some time now, it's been obvious that cyberwarfare may play an increasing role in future conflicts.  Perhaps the most significant successful attack up to now was mounted by a team of U. S. and Israeli experts in what came to be known as Stuxnet.  The attack was aimed at Iran's nuclear-material centrifuges and allegedly disabled many of them in 2010 before operators figured out what was going on. 

That attack was aimed at one specific facility, and the attackers had access to abundant information on the particular equipment involved.  Doing something similar to a significant part of the U. S. power grid would be a harder proposition for several reasons.

A Stuxnet-style attack on one generator, or even an entire plant, might temporarily damage that plant and take it out of commission.  But the power grid is designed to deal with just such occurrences without major disruptions.  At any given time, a certain number of generators are offline for repairs or maintenance, and every so often a problem will cause one or more generators to trip out unexpectedly.  Unless the loss of capacity is very large or happens at a critical high-demand time (say on the hottest day of summer), the system absorbs the loss and reroutes power from other sources to make up the difference, often with no noticeable interruption to customers.

So in order to produce a large-scale blackout that would do some good from a terrorism point of view, a different approach would be needed. 

The most vulnerable parts of the power grid from a hacking point of view are the network control systems themselves—the SCADA (supervisory control and data acquisition) devices and communications systems that tell system operators (both human and electronic) what the status of the grid is, and open and close the big high-voltage switches that route the energy.  A simultaneous order to a lot of circuit breakers to open up all across a large grid would throw the whole system into chaos, tripping other automatic breakers everywhere and necessitating a total shutdown and resynchronization, which could take hours or days—even longer if widespread mechanical damage occurred, which is possible. 

But doing that sort of attack would be very hard.  I am no power-grid expert, but I do know that long before the Internet came along, power utilities constructed their own special-purpose communication networks that carried the switch-command instructions, often by means of microwave relays or dedicated cables.  Originally, these specialized networks were entirely independent of the Internet because there was no such thing yet, and so were perfectly secure from Internet-based hacking.  Utilities tend not to throw anything away that still works, so my suspicion is that a good bit of network-control data still gets carried on these physically isolated communications links.  For a set of hackers halfway around the world to get into those specialized communications systems would require either amazing hacking abilities, or inside information, or most likely both. 

This is not to say that it's impossible.  But the job is orders of magnitude harder than disabling one uniform set of machines in one location.  As reports on the power-grid hacking attempts pointed out, the U. S. grid is a hodge-podge of widely different equipment, systems, protocols, hardware, and software.  A hack that might take out a power plant in Hackensack would probably be useless on a plant in Houston.  So to mount a coordinated attack that would create a politically significant amount of trouble would be a monumental undertaking—so hard that evil guys with limited resources may decide that some other type of troublemaking would be a better use of their time.

Does that mean we can just sit back and enjoy the fact that the Islamic State hackers don't know what they're doing?  Not necessarily.  Hackers come in all flavors, and as the Internet has played an increasing role in the day-to-day operation of electric utilities, those same firms have had to deal with the accompanying hazards of malevolent cyberattacks from who knows where.  So the fact that Islamic State hackers are going after the power grid is not exactly a surprise.

While the recent revelations have led to some calls for increased government oversight of cybersecurity for the power grid, the industry so far seems to have done a fairly good job at policing itself.  A report in USA Today back in March of 2015 said that the North American Electric Reliability Corporation (NERC), which is the non-profit industry-sponsored security-standard enforcer, has slacked off on the number of penalties and fines it has assessed on its members in recent years.  But the president of NERC says this doesn't necessarily mean that his organization is getting lazy—it could just as well be that utilities are following the rules better.

Rules or no rules, the danger that foreign and domestic terrorist organizations could cause massive power blackouts in the U. S. is real.  And constant vigilance on the part of the utility operators is needed to prevent these attacks from getting anywhere.  Fortunately, the present structure of the grid makes it a particularly difficult target.  But that doesn't mean it couldn't ever happen.

Sources:  I referred to reports of the disclosures about cyberattacks on utility infrastructures carried by CNN on Oct. 15, 2015 at http://money.cnn.com/2015/10/15/technology/isis-energy-grid/, and by the Washington Examiner at http://www.washingtonexaminer.com/article/2552766.  USA Today carried an in-depth study of the issue by Steve Reilly on Mar. 24, 2015 at http://www.usatoday.com/story/news/2015/03/24/power-grid-physical-and-cyber-attacks-concern-security-experts/24892471/. I blogged on Stuxnet on July 24, 2011 and July 2, 2012.