Taking Down the Internet
Recently I read an article about how undersea cables were cut, causing internet outages around the middle east. This has revealed how physically fragile the network is. Since so much of the traffic is routed through so few cables, it doesn’t seem particularly difficult for an organized group to attack them. Therefore I thought it would be interesting to do a security on the physical infrastructure of the internet.
Assets and Security Goals:
The most obvious asset is access to the whole internet. Other than simply minor inconvenience, many people, companies, governments, etc., depend on it for global communication and other uses. Another asset might be privacy, since even though the cables are underwater, at various points, there are only one country nearby. Therefore I thought it might be possible for a country to eavesdrop on it without being detected. However, people can already do that over land cables so protecting against that might not be an important security goal.
Potential Adversaries and Threats:
The main adversaries are any organized groups. They can do anything they want without any repercussions. Another might be the governments. However, if they are caught, they might face international repercussions, but since they have much more resources, it can be easier to temper with the cables undetected.
Potential Weaknesses:
The main weakness is that so much of the traffic is routed through only a few cables that are left relatively in the open. From the article, it seems that the connection can be disrupted fairly easily. With an organized effort, it should not be too difficult to do it intentionally. Since they are underwater and unguarded, it would be possible to temper with them and avoid detection for some time. However, that would take a lot of resources to pull off.
Potential Defenses:
A possible defense for protecting accessibility would be redundancy. The traffic would ideally be spread across many different cables, routing through different locations and using different technologies such as satellites. If they are spread across different locations, it would take much more resources to destroy them all. With wireless technologies such as satellite, a physical connection would not exist for adversaries to attack. Also, since the traffic is spread amongst more routes, one would not gather as much information eavesdropping on a single cable.
Risks/Conclusion:
Since the internet plays such an important role in many people’s daily lives, keeping the infrastructure intact and operational is crucial. There might be people who would like to deny certain groups access to the internet for political, economical, and other reasons. In the current state, it might be feasible for a group to attack it. I believe it is a good idea to have redundancies early both for security reasons and the fact that eventually we will out grow the capacities of the current cables.
Comment by zaxim
February 4, 2008 @ 11:10 pm
This outage actually affected me recently. I was having terrible connection speeds trying to talk to my dad in Saudi Arabia over Skype (insecure in itself 🙂 )
But I think one of the best points you make is about redundancy. I really have no idea why they haven’t moved towards more satelite connectivity, because fiber optic cables are a ***** to repair, especially underwater.