sb-nz logo
Story image

Could cyber attacks break the entire internet this year?

20 Mar 2017

Australian security firm Aleron says the internet is a fragile landscape that could potentially suffer catastrophic failure, and some have suggested that the entire internet might go down this year.

Businesses play a large part in securing the internet and making sure it stays up, the company says.

The WikiLeaks scandal has shown that the CIA knew there were vulnerabilities in software that can be hacked, which means if the CIA can do it, anybody else could do it too, Aleron’s director Mark Wroniak says.

The internet as a whole is also hosted by so few companies that the very platform itself is now vulnerable to attacks.

 “Companies like Google, Amazon and Microsoft host the lion’s share of the internet, creating a metaphorical black hole if they go down. The rollout of the nbn high-speed network across Australia potentially adds to the risk for local businesses because this super-fast internal network can effectively be used to attack Australia from within,” Wroniak continues.

He cites Amazon’s S3 cloud storage issue that occurred at the start of this month; which brought down some of the world’s biggest websites and apps. This showed that a single targeted attack could potentially bring down the entire internet.

“According to Amazon, Amazon S3 didn’t go down because of a deliberate attack but because of a typo by an engineer inputting a command. Imagine the impact of a targeted, coordinated attack on one or more of these major providers,” he says.

DNS provider Dyn provides a crucial service that translates web addresses into the numbers needed to point browsers in the right place. If it doesn’t work, the internet is useless. In 2016 a DDoS attack against the company brought down major sites including Twitter and WhatsApp, he says.

IoT devices helped to fuel the attack because their low security makes them especially vulnerable.

Wroniak says that if large chunks of the internet fail, it could also affect the stockmarkets and public facilities such as transport.

“Mobile phone towers could be hacked, making communications challenging; Australia’s mobile phone network is unlikely to be able to cope with a massive surge in demand. Businesses would find it difficult to function with no email and no access to documents stored in the cloud,” he says.

He suggests that businesses distribute their services over multiple regions and providers.

“Redundancy is the keyword. Having a single point of failure is never the recommended option. When just a few hours’ outage can cost companies millions of dollars, it becomes a significant threat to the business,” he says.

“Responsible business managers must insulate their organisations from this type of fallout. This means putting strong security measures in place as well as building in redundancy.”

Story image
Cybersecurity spending to increase following SolarWinds hacking
Hackers breached software provider SolarWinds, directly infecting the company’s Orion software as well as several local, state and federal agencies.More
Story image
A brief history of cyber-threats — from 2000 to 2020
Many significant cybersecurity events have occurred since the year 2000 — not every one of them ‘firsts’, but all of them correlating with a change in security behaviour or protection.More
Story image
Trend Micro adds cloud-native container security to Cloud One Services Platform
Designed to ease the security of container builds, deployments and runtime workflows, the new service helps developers accelerate innovation and minimise application downtime across Kubernetes environments.More
Story image
IT professionals destroying end-of-life hardware over fears of data breaches - report
IT directors are destroying end of life tech hardware as opposed to erasing its data out of fear of making a mistake and facing data breaches.More
Story image
As digital transformation grows in A/NZ companies, misconceptions about their role in cloud security abound
While an 81% majority of A/NZ organisations are accelerating their digital transformation, a giant 99% of surveyed respondents say they believe their cloud security provider provides enough protection, according to a Trend Micro study. More
Story image
Entrust acquires HyTrust, with aim to improve data encryption solutions
Entrust says the acquisition will bolster its effort to deliver data protection and compliance solutions to its customers, while accelerating their digital transformations.More