network-fiber

How the Internet May Be Taken Down

6 comments

We’ve all seen some of the latest apocalyptic movies with some pretty epic reasons for losing Internet, electricity and other modern technologies. What’s interesting is that a lot of these reasons are far-fetched and aren’t always entirely realistic.

So here is where you pose a really challenging question: How, in today’s world, can the Internet completely go down?

Before we get into “how” – we have to understand “what” the Internet really is. At a very high-level, the Internet is a vast interconnected network of data centers spanning the globe. These data centers have exchange points, protocols and routes that they have to follow. With every year that passes, the Internet becomes more and more resilient. Why? Because at this point, Internet communication is absolutely critical to the survival of our current society.

To really understand just how complex the Internet will be, here is the entire Internet network, in all of its glory.

Source: OPTE.org

Source: OPTE.org

We know the Internet is huge and that there are a lot of connections. So how can all of this fail? Well, there are a few ways.

Cutting the wires

Bringing down a couple – or even all – of the satellites will actually do little to cut Internet traffic. Yes, it will cause an amazing amount of issues, but the Internet will most likely live on. At this point, roughly 99 percent of global Web traffic is dependent on deep-sea networks of fiber-optic cables that blanket the ocean floor like a nervous system. These are major tangible targets – creating very real choke points in the system.

Consider this: As much as three-fourths of the international communications between the Middle East and Europe have been carried by two undersea cables, SeaMeWe-4 and FLAG Telecom’s FLAG Europe-Asia cable. To make things movie-worthy, you can’t just cut the wires. Why? Because they’re designed to be fixed. However, a strategic strike that will take out the fiber optic cables or damage the entire wire will do the trick. If this is done at choke points you can disable or almost completely halt global Internet traffic.

Destroy root servers

It’s much easier to go to Google.com than to type in 74.125.225.131. That’s what root servers do – they are responsible for decoding .com, .net, .org. names before aligning them with the correct IP address. If you take out these servers, the Internet will no longer recognize the alphabet when you type in an address.

Here’s the interesting part: there are “only” 13 servers that do this. Here’s the list of them. Effectively, if you take these servers down, the only way to “browse” the Internet will be with a physical piece of paper, a pen and a really good memory around numbers.

Here’s the other interesting part: take down these servers and IPv6 won’t work either. Phones, computers, businesses, everything will stop. The challenge with this is that these severs are replicated and backed-up and replicated hundreds of times over. Plus, with IPv6 – how these data centers receive and process multiple IP address is changing as well. Still, a “mission impossible” style attack where backups are killed, replication is stopped and only 13 servers remain could make a catastrophic outage possible.

Cyber warfare/political

China, Iran, North Korea, Syria and a few other folks already have an “Internet Kill Switch.” We’ve seen an entire country go dark. When Syrian and Egyptian rebels were posting pictures of the conflict, the government simply flipped a “switch.” This is what happened:

akamai-internet-traffic-data

Source: Akamai

Egypt-All_outages_zoom2

Source: Renesys.com

What if the U.S. had this switch? What about the EU? What if there were secret programs (NSA-style) that had complete control of the Internet from a kill-switch perspective? Here’s the interesting part – what if it broke? A country or governing body can take down the Internet; but what if they can’t bring it back up? What if a malicious group gains access to the kill switch and takes it down permanently? Even if you could fix it – having the Internet go down for a few months would be absolutely detrimental – especially if it was on a global scale.

Pages: 1 2

About the Author

Bill Kleyman is a veteran, enthusiastic technologist with experience in data center design, management and deployment. His architecture work includes virtualization and cloud deployments as well as business network design and implementation. Currently, Bill works as the National Director of Strategy and Innovation at MTM Technologies, a Stamford, CT based consulting firm.

Add Your Comments

  • (will not be published)

6 Comments

  1. Root servers. There's 13 named servers but they are anycasted as well. There's not just 13 root servers that power the net..there's 13 root server names yes but not only 13 servers. http://blog.icann.org/2007/11/there-are-not-13-root-servers/

  2. Joe

    What's next DCK? How about a play by play on how to destroy all emergency response..... Hospitals, police, fire....etc. We should try to use some common sense and resist the urge to publish stuff like this. Here's an idea give your writers a day off on the weekends.

  3. Gary

    Corrected version. Write whatever you like, but not for public consumption. Whoever approved this being published should be fired. i am on several disaster recovery committees, this is not a subject for general publication. How do you think some of the other movements and activities got started, Duh? I will be cancelling and further exposure to this lameness as well as my colleagues.

  4. Bill Kleyman Post author

    I absolutely had no doubt that there would be comments across the board on all of this. You should have seen the kinds of "feedback" I received when I wrote an article on advanced robotics entering the data center... "What are you talking about, you've never been in a data center... "Robotics and automation have no place in a data center..." and so on. But there were also good, thoughtful comments around the topic too. Now on to this... @William W - You're right. Going after root servers - in the grand scheme of things - makes very little sense. These servers are in fact replicated hundreds of times over; just like I mentioned in the piece. Resiliency is especially changing with IPv6 adoption. So, of all the scenarios painted, going after root server is probably the most pointless.

  5. Bill Kleyman Post author

    @Joe - The point wasn't to give a play-by-play here. None of this is secret and ALL of this information is very widely available. Let's be honest here - there are methods of crippling the Internet that weren't even mentioned here. Educating people around the realities of how we connect means more technologists will understand the intricate workings of the Internet. Regardless of whatever I wrote - undertaking such a task is absolutely monumental. It was a shocking, and eye-opening article for a lot of people. The hope is to improve Internet resiliency through educating other cloud and technology professionals. And the day off on the weekends does sound nice... :)

  6. Bill Kleyman Post author

    @Gary - I am NOT the first one to write about vulnerabilities our data centers, cloud, and Internet infrastructure are facing. In fact, much larger media outlets have covered these kinds of topics with a lot less detail and a lot more speculation. This kind of information can realistically improve DR/BC planning. How about this kind of comment I received earlier - "Thanks Bill - I actually had no idea so much Internet traffic passes underneath the oceans." I'm all about better educating technologists so that they can make better infrastructure decisions in the future. If that ticks one or two people off but enlightens 4-5 others -- I'm OK with that. Bottom line: This kind of feedback is A LOT more useful than you guys think. In fact - I see it as a challenge. My next article will revolve around "Why the Internet Won't Go Down." I ran out of writing space here so look for second article discussing physical as well as logical Internet resiliency points. Should be a good one. As always - Thank you for reading and thank you for commenting!