Internet doomsday scenarios

For something we have become so reliant on the internet is worryingly open to attack. From attacks on the physical infrastructure, to the computers connected to it, to the data which is stored in it, I’m going to go through some potential internet doomsday scenarios.

Mass deliberate cutting of internet cables

The number of computers on the internet is large. The number of cables which connect the continents is small. This image of the internet’s undersea cables is a few years old but it is still relevant. It shows how fragile the internet’s infrastructure really is.

lan cables

There have already been numerous incidents where areas such as India and the Middle East, West Africa and Dubai have had their internet access severely disrupted. The cause can be ship’s anchors cutting the cables, earthquakes, or component failure.

Even these small incidents can have big knock on impacts, as the failure of one major cable puts extra pressure on other cables to take the extra data – making them more likely to fail as a knock on consequence. Some countries are almost totally reliant on a single cable.

Accidental cable damage has already caused major internet failures. Imagine if a deliberate attack was carried out on numerous cables at the same time, either by a standard terrorist, or some Bond-esque villain intent on removing our ability to watch videos of skateboarding dogs.

If a large enough number of cables were cut the internet could grind to a complete halt.

Yes the damage is fixable, but when you are dealing with cables that are far under the sea it takes time to repair them.

Much of the world could be left without usable internet for days or even weeks. The problem would be compounded by people’s panic reactions. Whenever a major terrorist attack is carried out, people flock to the internet to try to find out more. This creates additional load on the network which compounds the problem.

Search engine data theft

Chances are you use regularly use a search engine. Think back of all the search terms you typed in. I bet you’ve typed searched for things that you wouldn’t want anyone else to know about.

lan cables connecting to router

It could be the things you have searched for would cause major embarrassment to you if your friends or family found out. Maybe if this data were ever made public maybe you would lose your job. Possibly you would be severely shamed. In the worst case if you searched for illegal content you could be prosecuted and imprisoned if found out.

All search engines store your search queries for various purposes, the most obvious being to target relevant adverts at you. They store the raw data for a certain time, and then carry out some form of anonymisation on the data.

A major search engine for example has reduced the time until they anonymise IP addresses from 18 months to 9 months, but is the anonymisation really sufficient?

It seems not, they only change ‘some’ bits of the IP address after 9 months, and you have to wait 18 months to have the last 8 bits and the cookie information changed. This is hardly anonymisation as the associations between can potentially be reconstructed with using the other information in the logs such as the search terms.

If you have ever done searches where you look for you own name, post or zip code, or other personally identifiable information then you are leaving markers in the logs that would allow the information to be reconstructed and attributed to you, even after their anonymisation process is carried out.

Look at what happened when AOL deliberately released search data that they had ‘anonymised’. Researchers and journalists were soon able to track down some of the people who had been typing in those search terms.

So what is the doomsday scenario?

All that data is sitting there in the search engine’s huge data centres all around the world. All it takes is one person to hack in, or one disgruntled employee to send some of the data out.

The search data that AOL released only took up 439mb compressed. Imagine the damage a disgruntled search engine employee with a 1TB hard drive could cause.

Data theft isn’t some far out scenario. It happens all the time. Look at the OSF data loss database if you want to see how often it is happening.

Other data theft

As you can imagine the damage a major search engine data leak or theft could occur, I’m sure you can imagine the damage that could be caused if a major collector of personal data such as Facebook or Hotmail had their data stolen.

router control panel

What would you do if all your email from the last one, two, five, or ten years was made public, for all to see?

Data destruction

More and more of our data is moving from being stored on local computers to centralised data centres which might be in another country (media companies like to refer to the network of data centres as ‘the cloud’). In theory the companies that store our data should be backing it up so if something goes wrong, no data is lost.

Problems occur because when something goes wrong with the original data, the companies often find that their backups don’t work as expected. How often do you test your backups? People just assume that backups will work, and by the time they realise that something is wrong with the backup it is too late.

One example is the social bookmarking site Ma.gnolia who lost all their user data in 2009. The quantity of data lost was only half a terabyte. An amount that you can fit in a pocket hard drive.

If things can go wrong when you have a mere half a terabyte of data, imagine what can go wrong when companies have petabyes, or even exabytes of data.

A better known data destruction close call was the 2009 Sidekick data loss when 800,000 user’s data was lost from Microsoft data centres. Most of the data was subsequently recovered, it is not clear if anyone permanently lost data, but it was certainly a close call for many.

Many of these data destruction events have been down to software errors, but it can only be a matter of time before a well know company suffers a big data centre fire, or until a data centre is deliberately targeted by terrorists.

DNS hacking

The current IPV4 internet was never designed to be secure. Much of it relies on trust. This worked alright when it was just used by scientists, and academics. But now that the internet is open to all, this trust is leading to problems.

One of the cornerstones of the web is the DNS system. We trust it everyday to tell our computer where to find the web address that we type in, or click on.

A URL such as bbc.co.uk is not an address that allows a computer to directly access the website. There is an additional step where a trusted server, known as a DNS server, has to translate the URL into something the computer can find such as 212.58.224.138. This block of four numbers is an IP address. It is the address of a computer on the internet.

We trust the DNS server to give our computer the correct IP address. Problems happen when it doesn’t.

Imagine that we type in the URL for our bank. And instead of giving us the IP address for our bank it gives us the IP address for the computer of a criminal gang (this is known as a DNS hack). Instead of going to our bank’s website we will go to the criminal’s website.

It is not difficult for them to make their website look just like our bank’s website. The address you see in the browser would even be identical so you might never know that you were at the wrong website. They can even produce a fake certificate so you get the padlock icon in your browser that makes you think the website is safe.

Once they have convinced you that their website is the real bank’s website it is trivial for them to get your bank login details off you. In some cases they can forward requests from their fake bank website to the genuine bank website to get your real account information so that they can present you with the correct account balance, and online statement values.

If this attack is done on a high profile bank or other high profile organisation it will get found out. But how long would it take. Maybe a few hours? Maybe half an hour? Maybe it would even be found out sooner.

Even if the DNS hack was quickly closed down the criminals could still steal a large amount of user account details in a very short time. In this time they could initiate purchases, money transfers, or other data thefts.

They could make off with a serious amount of money before anyone realises what has happened.

This kind of DNS hack can be done. China’s largest search engine Baidu recently had their DNS details changed to point somewhere else.

I’ve mainly spoken about using a DNS back to steal bank account details, but it could be used for other purposes. The fake website could install viruses or spyware, promote some political cause, corrupt your data, or steal other data that you would normally type into the trusted website.

Global webcam or microphone hack

Most new laptops and netbooks have cameras and microphones built in these days. Unless you cover up the camera (with bluetak for example) you will be sitting in front of the computer with a camera watching everything you do, and a microphone listening to what you say.

camera phone lens

What if someone managed to hack into your camera, or the cameras of thousands, hundreds of thousands, or even millions of computers? Webcam hacking is something that has already been done on a small scale. There are even websites out there that claim to identify webcams that can easily be hacked into.

The malicious hacker could take covert photos or video of you. And they could use a virus to access your microphone. Many people leave their laptop on in their living room. If a virus was able to access your laptop microphone it would just be like having a spy’s listening bug in your living room.

The malicious virus spreader could record your most personal conversations in full, and could potentially record photos and video as well.

Most laptops do have a basic safety device to prevent the webcam being used without your knowledge. They have a light which will turn on when the camera is activated. If you noticed the light (and I bet a lot of people wouldn’t) then you might spot something isn’t right.

But there is no way to tell if your microphone is being used.

Before you know it the photos, videos, and private conversations of thousands or even millions of people could have been made available for public viewing on the internet.

As shown with the AOL search data scandal, any other unwanted publication of data on the internet is very difficult, or often impossible to get removed.

Think you are safe from prying ears and eyes when away from your computer? Think again, modern mobile phones have cameras, a microphone and an internet connection. There have not been very many instances of mobile phones viruses – yet, but this is an areas that criminals are likely to target more in the future.

Internet censorship

Censorship on the internet is increasing. As well as countries that openly practice internet censorship, you might be surprised to hear of internet censorship being introduced in countries such as Australia and New Zealand.

One of the internet’s big strengths has been to allow information to move freely from country to country. For how much longer will this be the case?

Reporters without Borders have a good PDF of internet enemies on their site, and Wikipedia have a comprehensive starting page on internet censorship.

Made to pay for illegal music and film downloading

Have you ever illegally downloaded a song or a film? Or have you shared a song or film with other via websites such as BitTorrent?

If you have, then music and film industry bodies such as the RIAA or MPAA may one day be getting in contact with you.

They are very keen to stamp down on all pirating activities and have launched many prosecutions against individual users. There has even been a case of someone being jailed for sharing a video.

You may wonder how they would ever find out. Unfortunately for you there are companies such as BayTSP who are employed by the copyright holders to track illegal downloads on their behalf. They can build up huge databases of what IP addresses are downloading what. All the copyright holder then has to do is to make the relevant ISP hand over the details of who was using that IP address at that time and they can soon make a prosecution.

Many people have already received demands that require them to pay compensation or face prosecution.

Don’t go round thinking the internet is anonymous. Everywhere you go information about what you do is being recorded. It only takes one company with sufficient motivation (such as an expected monetary payoff) to be able to piece the bits together and identify you.

Windows Update hacked

Windows Update is Microsoft’s solution for pushing updates and patches to millions of Windows PCs all around the world.

adsl microfilter

Most people have their PCs configured to automatically download and install all critical updates that Microsoft issue.

What if the ‘bad guy hackers’ managed to hack into the Windows Update mechanism and insert their virus into the Windows Update system so that all Windows PCs around the world automatically downloaded and installed it before Microsoft notice?

Once installed the virus could create havoc on a scale not seen by any other virus. A denial of service attack launched from the entire world’s Windows PCs could bring the internet to a complete standstill for a significant time. The damage would take a lot of effort to fix.

Ultimate doomesday

What if using the Windows Update hack the bad guys were really evil. What if instead of just installing spyware, or using the PCs as a botnet the bad guys decided to nuke them. The Chernobyl virus wrote over the computer’s BIOS, and over vital parts of the hard drive.

If it managed to infect the computer and corrupt the BIOS and hard drive in this way then the computer would need to be taken in for repair, and there might be a significant loss of data even after the repair.

Millions or hundreds of millions people could be left without access to their computers. This kind of virus would be more likely to affect home or small business users, as medium or large businesses don’t usually have automatic updates turned on. They’ll roll out the patches only after they have tested them.

This kind of virus could have enormous global impact, but it could still be worse.

If the bad guys managed to find a significant zero day exploit on several different versions of Windows, and managed to find a way to covertly spread it, then they could go for a total global infection. If the bad guys were patient and waited for the infection to reach a critical mass before activating it then they could simultaneously nuke the majority of internet connected Windows PCs at the same time.

What then? It is hard to imagine what would happen to the world if most of their desktop computers were wiped out in this way.

Of course some lucky people would have UNIX/Linux/Mac machines, and they’d be alright – unless the hackers were really good and used a simultaneous exploit on those as well! Users of non-Windows machines shouldn’t be too smug about the security of their computers. There are many examples that have shown that non-Windows machines are riddled with security holes. They only stay virus free because the hackers attention is focussed on the Windows boxes.

Links for the paranoid

The best way to avoid viruses and spyware is to apply common sense. Nowadays most malware is getting on computers through social engineering, or people being careless. I did write a post about anti-malware software but it is now a bit out of date. These days I use Avast, Windows Security Essentials, Spyware Blaster and Trusteer Rapport.

Scroggle will allow you to search Google without them being able to link your search queries to you. Google have an SSL encrypted version of the search tool, which will prevent your searches being intercepted by your ISP, or by people sniffing your unencrypted WiFi connection if you aren’t using an encrypted connection.

For more comprehensive anonymous browsing Anonymizer.com will help.

If you are worried about your web cam being used to spy on you then covering the lens with blu tack or a piece of paper will work. Be careful if you use something sticky like blu tack. When you close the screen it might stick to the main surface of your laptop. And when you then open it again you could end up ripping the screen off!

Preventing the microphone from being used is harder – if there is a physical microphone plug on the laptop then plugging in a 3.5mm adaptor should physically disconnect it.

To solve your worries about losing data which is stored in the world’s data centres all you have to do is make sure it is backed up – which you should be doing anyway.

For people who are worried about being sued for pirating music and DVDs; I’d suggest a simple solution. Buy your music and DVDs instead of pirating them! They aren’t that expensive if you get them from somewhere like Amazon. And you’ll get a warm and fuzzy feeling that you are supporting the people employed in the music and film industries!

Have fun on your computers, and stay safe!

Leave a Reply

Your email address will not be published. Required fields are marked *

Do NOT fill this !