Story image

Could cyber attacks break the entire internet this year?

20 Mar 17

Australian security firm Aleron says the internet is a fragile landscape that could potentially suffer catastrophic failure, and some have suggested that the entire internet might go down this year.

Businesses play a large part in securing the internet and making sure it stays up, the company says.

The WikiLeaks scandal has shown that the CIA knew there were vulnerabilities in software that can be hacked, which means if the CIA can do it, anybody else could do it too, Aleron’s director Mark Wroniak says.

The internet as a whole is also hosted by so few companies that the very platform itself is now vulnerable to attacks.

 “Companies like Google, Amazon and Microsoft host the lion’s share of the internet, creating a metaphorical black hole if they go down. The rollout of the nbn high-speed network across Australia potentially adds to the risk for local businesses because this super-fast internal network can effectively be used to attack Australia from within,” Wroniak continues.

He cites Amazon’s S3 cloud storage issue that occurred at the start of this month; which brought down some of the world’s biggest websites and apps. This showed that a single targeted attack could potentially bring down the entire internet.

“According to Amazon, Amazon S3 didn’t go down because of a deliberate attack but because of a typo by an engineer inputting a command. Imagine the impact of a targeted, coordinated attack on one or more of these major providers,” he says.

DNS provider Dyn provides a crucial service that translates web addresses into the numbers needed to point browsers in the right place. If it doesn’t work, the internet is useless. In 2016 a DDoS attack against the company brought down major sites including Twitter and WhatsApp, he says.

IoT devices helped to fuel the attack because their low security makes them especially vulnerable.

Wroniak says that if large chunks of the internet fail, it could also affect the stockmarkets and public facilities such as transport.

“Mobile phone towers could be hacked, making communications challenging; Australia’s mobile phone network is unlikely to be able to cope with a massive surge in demand. Businesses would find it difficult to function with no email and no access to documents stored in the cloud,” he says.

He suggests that businesses distribute their services over multiple regions and providers.

“Redundancy is the keyword. Having a single point of failure is never the recommended option. When just a few hours’ outage can cost companies millions of dollars, it becomes a significant threat to the business,” he says.

“Responsible business managers must insulate their organisations from this type of fallout. This means putting strong security measures in place as well as building in redundancy.”

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
GCSB welcomes Inspector-General's report on intelligence warrants
Intelligence warrants can include surveillance, private communications interception, searches of physical places and things, and the seizure of communications, information and things.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."