Could the next terror target be the Internet?

With all the talk about terrorism and the clear and present danger of future attacks, a technologist’s mind naturally turns to information warfare. What if the next attack is not against a building or an airport or a shopping mall, but against the Internet?

That would be great, frankly. I’d rather go for a whole month with the Internet in shreds than see another person hurt.

The question of the Internet’s vulnerability to terrorism came up at a Network World (U.S.) Security Town Meeting that I co-hosted last month. Could the whole Internet be taken down? No. But you could take down such huge chunks that there wouldn’t be much left to worry about.

How could you take down most of the Internet? Border Gateway Protocol (BGP) is one easy way to start. The entire Internet depends on huge BGP tables of more than 100,000 routes. In the early days, these tables were validated against routing registries that ensured bogus information could not be injected into the tables. Nowadays, that doesn’t happen. Keeping those routing registries updated and synchronized is just too expensive and inconvenient.

The lack of a global routing registry means that it’s fairly easy to create routes to nowhere. It doesn’t happen a lot, but it’s happened in the past, more than once. Someone gets mad at someone else, or transposes a couple of digits, or lets information leak from inside their network, and adds a route to the global tables. Suddenly the packets stop flowing in the right direction.

If a determined attacker were to start injecting routes into the BGP tables, the ripple effects could be enormous. Every time a route is added, information propagates over the entire Internet – the core routers at every major (and many minor) ISP have to process the update. Add enough bad routes in enough locations, and the multiplied effect of processing and passing all that information around could cripple routers around the world.

Is it trivial for someone to take down the entire Internet? No, definitely not. It would take brains, coordination and control of zombie systems and routers at dozens or hundreds of ISPs. But as we learned when distributed denial-of-service attacks started showing up, there are a lot of clever people on the Internet who have malicious intentions. All the more reason to keep working on your disaster-recovery plan.

Snyder, a Network World(U.S.) Test Alliance partner, is a senior partner at Opus One in Tucson, Ariz. He can be reached at [email protected].

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now