sb-as logo
Story image

Could cyber attacks break the entire internet this year?

20 Mar 2017

Australian security firm Aleron says the internet is a fragile landscape that could potentially suffer catastrophic failure, and some have suggested that the entire internet might go down this year.

Businesses play a large part in securing the internet and making sure it stays up, the company says.

The WikiLeaks scandal has shown that the CIA knew there were vulnerabilities in software that can be hacked, which means if the CIA can do it, anybody else could do it too, Aleron’s director Mark Wroniak says.

The internet as a whole is also hosted by so few companies that the very platform itself is now vulnerable to attacks.

 “Companies like Google, Amazon and Microsoft host the lion’s share of the internet, creating a metaphorical black hole if they go down. The rollout of the nbn high-speed network across Australia potentially adds to the risk for local businesses because this super-fast internal network can effectively be used to attack Australia from within,” Wroniak continues.

He cites Amazon’s S3 cloud storage issue that occurred at the start of this month; which brought down some of the world’s biggest websites and apps. This showed that a single targeted attack could potentially bring down the entire internet.

“According to Amazon, Amazon S3 didn’t go down because of a deliberate attack but because of a typo by an engineer inputting a command. Imagine the impact of a targeted, coordinated attack on one or more of these major providers,” he says.

DNS provider Dyn provides a crucial service that translates web addresses into the numbers needed to point browsers in the right place. If it doesn’t work, the internet is useless. In 2016 a DDoS attack against the company brought down major sites including Twitter and WhatsApp, he says.

IoT devices helped to fuel the attack because their low security makes them especially vulnerable.

Wroniak says that if large chunks of the internet fail, it could also affect the stockmarkets and public facilities such as transport.

“Mobile phone towers could be hacked, making communications challenging; Australia’s mobile phone network is unlikely to be able to cope with a massive surge in demand. Businesses would find it difficult to function with no email and no access to documents stored in the cloud,” he says.

He suggests that businesses distribute their services over multiple regions and providers.

“Redundancy is the keyword. Having a single point of failure is never the recommended option. When just a few hours’ outage can cost companies millions of dollars, it becomes a significant threat to the business,” he says.

“Responsible business managers must insulate their organisations from this type of fallout. This means putting strong security measures in place as well as building in redundancy.”

Story image
Zoom to begin rolling out end-to-end encryption
Available starting from next week, it represents the first phase out of four of the company’s greater E2EE offering, which was announced in May following backlash that the company was lax on its security and privacy.More
Story image
Video: 10 Minute IT Jams - Security expert discusses changing cyber-attacker behaviour
In this Jam to SonicWall senior manager of product marketing Brook Chelmo, who talks about the specific changes in cyber-attacker behaviour he's seen unfold this year, as well as some best practices that should be employed by CISOs to combat increasing risk profiles.More
Story image
COVID-19 crushes fingerprint reader market
However, the biometrics market is expected to regain momentum with alternatives already beginning to find their feet.More
Story image
Why zero trust could fail due to lack of understanding​, not technology
Security architects are being forced to re-examine the concept of identity, with many turning to a zero trust security model to provide a better architecture for protecting their sensitive resources.More
Story image
WhiteHawk ramps up cyber revenues with US$1.5 million contract extension
WhiteHawk Limited has been awarded a fiscal 2021 option extension of US$1.5 million (A$2.1M) under an existing seven-year contract.More
Story image
Security and operations collaboration key to success post COVID-19
“We are in an ultra-hybrid world with multi-everything, and in order to successfully navigate this landscape, ITOps, DevOps, and SecOps teams need to more closely align."More