By Binoy Anto.
21 May 2021 11am IST
Please select PLAY, to Read This Article for you in a Female Voice. Press Download to hear later.
https://binoyanto.net/wp-content/uploads/2021/05/Internet-Shutdown-3.mp3
Life without the World Wide Web seems nearly unimaginable, but a number of people would be affected if it were to go out. Globally, only about half of the world has internet access; however, in the U.S. less than 1% of the population doesn’t have an internet connection,
Over the past few years, the internet has become woven into the fabric of our society. Everything from banks and hospitals to the military and utility systems relies on the internet in some way, shape or form.
Take a moment to imagine with us: What would happen if the internet went down for a day?
If the entire internet shut down at once? One imaginative stumbling block, in playing out the implications of that scenario, was how something like that could happen in the first place. And so — without advocating any of the methods described below, or strongly suggesting that hundreds or thousands of like-minded heroes band together to take this sucker down once and for all — we’ve asked a number of cybersecurity experts how exactly one would go about shutting down the entire internet.
Please visit http://binoyanto.net for more articles like this.
Who relies on the internet today?
Nearly everyone in the United States uses the internet, and our reliance on it grows every day.
“Many of those who founded or invented the early conceptions of the internet did not anticipate how reliant society would become on digital networks,” William H. Dutton, a Senior Fellow at the Oxford Internet Institute and author of Society and the Internet: How Networks of Information and Communication are Changing Our Lives.
“Many were focused on sharing information among academics, and did not imagine everyday banking and shopping moving online as it has.”
Since the creation of the internet, it’s grown rapidly and every day there’s a new use case being created — some good and some bad.
“But in the case of the internet, it has been overwhelmingly a good thing — enhancing the information resources of individuals and institutions worldwide,” Dutton said. “The problems are becoming a focus because so many were caught unaware, but they are minor compared to the benefits.”
What is an internet shutdown?
Also known as blackouts or kill switches, internet shutdowns are when an entity, like a government or non-state actor, intentionally disrupts access to the internet or certain apps, in order to control the flow of information in a country or region.
Specifically, AccessNow, an international NGO that focuses on digital rights, defines an internet shutdown as “an intentional disruption of internet or electronic communications, rendering them inaccessible or effectively unusable, for a specific population or within a location, often to exert control over the flow of information.”
A shutdown can take the form of blocking, when certain websites or apps are inaccessible; or full blackout, when internet-based applications, platforms, and pages are inaccessible.
A related term, throttling, refers to the intentional slowing down of network connections. It can affect the entire network, or be used to target specific apps, websites, and IP addresses.
So, is there an “off” button for the internet?
No. What governments do is order internet service providers (ISPs) to restrict network connectivity or block certain websites or apps. ISPs may comply with government orders out of fear of retribution of legal action.
For instance, in 2019, the Zimbabwean government ordered the largest telecommunications company in the country to shut down all internet services. The Chairman wrote on Facebook, in a message inaccessible to most in the country, that they had to comply or management would face “immediate imprisonment”.
Rights organisations encourage ISPs to push back against “unjustified internet shutdowns” to avoid complicity in human rights abuses.
In cases where the government controls the internet infrastructure, in whole or in part, it can simply restrict access on its own, without having to go through another party.
Some countries are also developing individual, “closed-off internets” which would allow governments to cut off the country from the rest of the world wide web.
Can people bypass the shutdowns?
Yes, to a point. In some cases, getting a virtual private network (VPN) can allow users to securely connect to the internet and access banned or blocked web pages and apps. Many users in Myanmar are currently turning to VPNs or using international SIM cards to access blocked sites and communications services during the blackouts.
Since governments can limit access at the server level, meaning that it can control all traffic coming in and out at the hardware level, they can make it so that VPNs are not allowed through as well. Most countries don’t do this, but there have been efforts to block, limit, and/or ban VPNs in places like Kashmir, Russia, and China.
Is it legal?
It’s legal in many countries, but the UN has condemned the practice.
Several countries have laws in place that allow the government to shut down the internet or take over telecommunications networks for reasons of national security or public safety. For instance, the “Temporary Suspension of Telecom Services (Public Emergency or Public Safety) Rules” in India allow the government to suspend internet and telecommunications services. India is ranked first in the world for its internet closures, particularly in Kashmir, where the practice has been called a “digital apartheid”.
In 2016, the UN adopted a landmark resolution that condemned “measures to intentionally prevent or disrupt filt access to or dissemination of information online” as violations of international human rights law.
Why is this important?
Digital access and the internet are human rights issues. In addition to limiting the right to freedom of expression, assembly, and privacy, disruptions can create cover for state violence and human rights abuses.
Broad measures like internet shutdowns in the name of security and protection are used to suppress dissent and smother freedom of expression. They hinder journalists from doing their jobs. They also have many economic, political, and social costs: ordinary citizens are left unable to reach their loved ones or perform everyday tasks like paying bills and taxes, accessing healthcare, sending money to family, or moving around. Citizens are also prevented from running or buying from online businesses.
In 2020 alone, the shutdowns resulted in a $4.01 billion loss globally.
Please visit http://binoyanto.net for more articles like this.
Experts Say
Ryan T. Wright
Associate Professor of Commerce and Associate Director of the Center for Management of IT at the University of Virginia, whose research focuses on the human elements of cybersecurity, among other things
First, it is highly unlikely that the internet could be universally shutdown. Internet infrastructure consists of several redundant connections that make it near impossible to bring down the entire internet unintentionally or accidentally. Internet traffic is resilient and can dynamically reroute around any problems.
Bad actors would be the most plausible reason for an internet outage. Two critical internet systems that could, if attacked or exploited, bring down the internet are BGP and DNS.
BGP, or Border Gateway Protocol, is used to route traffic on the internet. There have been several attacks that hijacked BGP to reroute traffic, thus breaking the internet. Just this summer, a large amount of mobile internet traffic in Europe was rerouted to servers in China.
DNS, or domain name system, resolve web addresses such as www.gizmodo.com to the Internet Protocol (IP) address 151.101.194.166, much like a phonebook can be used to look up a telephone number. The IP address is necessary to route traffic on the internet. Bringing down the root DNS servers would disable the ability to lookup IP addresses and therefore “break” the Internet. The attack on Dyn’s DNS servers is an example of an attack on DNS servers that brought down the internet for a portion of the US.
The good news is these critical systems are widely known as points of failure for the internet and therefore, heavily monitored.
Assistant Professor, Management Information Systems, University of Arizona
Everything being connected today may bring along significant convenience, but it also implies that everything can be hacked. What if the nation’s power grid were successfully attacked? No electricity also means no internet access. The internet also relies on physical infrastructure, such as subsea cables and other fiber cables: any infrastructure issues (cable cuts, damages), whether due to criminal activity or natural disasters that were to affect major subsea cables could potentially shut down the Internet.
In a different sense, authoritarian governments can also potentially shut down the internet if they somehow all colluded against it, either blocking internet access to citizens altogether (we have seen that in Egypt during the Arab Spring, for example, or in the Democratic Republic of the Congo during a period of unrest); or substantially limiting it (we see that in countries where internet censorship is widespread and information access is controlled by the central government, as it happens in China). There are ways around censorship, of course: Privacy Enhancing Technologies, or PETs, such as virtual private networks or VPNs, and anonymous browsers such as Tor, can help circumvent it, but censorship essentially prevents the vast majority of the population, who may not be familiar with these tools, to access the internet, de facto making it disappear.
Jeremy Straub
Assistant Professor of Computer Science and Associate Director of the North Dakota State University Institute for Cyber Security Education and Research
There isn’t some gigantic on-off switch: The internet is a diversified platform, a lot of different networks connected to each other, so there’s no good way to turn it off.
Fundamentally, you have to think back to the original conception of the internet, which was to try to create a distributed network that could survive attacks on different government or military installations. It was designed to be resilient to external threats — but not necessarily to internal or peer-level threats, which is where you probably see the greatest potential risk factors.
When certain countries have tried to turn the internet off — in the whole country or in specific regions — they use techniques that basically interfere with or deny some of the services that people use online, or they take control of the actual pipeline to the rest of the world. The Great Firewall of China is an example of the latter — they filter the web, looking for things that are not appropriate. On the other hand, when people have tried to turn off the internet in just one region, or deny access to particular groups, that has typically been accomplished through interfering with a service such as DNS, to make it so that, for at least those that don’t have a ton of technical knowledge, the internet just looks like it’s not working, even though you might have a lot of what is actually needed to have an internet connection. Denying critical services reduces the ability of the internet to work for most people, and makes large coordination a problem.
Certainly, there’s a lot of stuff on the internet that isn’t critical infrastructure — these are things that are ancillary, but which many people would consider important communications channels. Things like Facebook, for instance. Nobody’s going to immediately get injured or die if Facebook went offline — but it might push traffic that’s typically on that platform to a different platform, like the telephone, which might not be able to handle that influx.
More important are the critical infrastructure systems — things which, if they stopped working, would cause immediate danger. For instance, gas and power in the winter, or keeping reactors in check, and making sure water systems are working. The internet being knocked out isn’t going to cause the power to shut down — but knocking out the power is going to knock out the internet. So if somebody was really trying to deny internet access in an area, they might make that their target.
The next tier would be commercial systems — if a company’s website goes offline, it’s not going to cause famine, or injure or kill someone, but it could be very detrimental.
Acts of Terrorism, DDoS, Attacks on Countries and Services
If you want to commit the greatest conceivable act of terrorism and declare a version of war against every country on the planet, you only need to take the world offline.
So many facets of human life are nowadays facilitated by a giant machine called “the internet,” which networks the world to unlock all kinds technological convenience. By instantaneously moving information from one place to another, the internet touches everything we depend on in 2016 — our transportation systems, our mortgage payments, and our Amazon purchases alike. To say goodbye to it permanently wouldn’t be like losing a limb; it would require a whole new worldview.
Malicious actors have previously made parts of the internet disappear for some people. It happened as recently as October, when a distributed denial of service (DDoS) attack against a company called Dyn temporarily made A-list services like Reddit, Twitter, and Spotify evaporate. Acting as a type of phone book for the internet, Dyn provides domain name system services to these and many more sites, so when you type, say, “www.facebook.com” into your browser, Dyn translates this into the numerical IP address of the server you want to access.
Domain name system service providers are what make the internet usable for humans. When hackers successfully overwhelmed Dyn’s servers with bogus requests for information, the system could no longer handle legitimate traffic. A fundamental infrastructure that makes part of the internet work had been turned off, and with Twitter down, no one could tweet their complaints about it.
But what would it take to multiply this effort such that the entire internet was permanently taken down? How many people would it take to pull it off?
Though many computers were involved in the attack against Dyn, it theoretically would have taken only one person to steer the ship. The weapon of choice for these situations is a “botnet,” or a collection of private computers infected by the same malware, granting a third party some control over these machines. A botnet of a few thousand infected computers could be used for everything from sending spam email messages to manipulating online polls. A botnet owner with a few hundred thousand internet-connected computers at his or her disposal could cause much higher-profile problems, like making Facebook disappear for the internet-using public.
But can one person take down the entire internet? “The answer is no,” says Gleb Budman, CEO of BackBlaze, a backup company and cloud storage provider. “Even the large-scale attack against Dyn still only knocked out certain sites down for certain people for certain amounts of time. That myth is busted.” And as a botnet relies on the internet to work, it can’t destroy the system that enables it.
It’s difficult to cripple the web because it’s extremely robust. In his book Tubes: A Journey to the Center of the Internet, author Andrew Blum calls it a “network of networks” — it has no single off switch, but is instead a collection of layered systems that interact with each other to keep us online and connected at all costs. This means botnet-enabled denial of service attacks have more in common with vandalism and short-lived inconvenience than they do with actual lasting damage. But this hasn’t stopped people from seeking to do more genuine harm to the internet.
In the age of wi-fi, it’s easy to forget that most of the internet is still physical. Our communication with distant parts of the world is made possible only because an immense system of communication cables sits on the ocean floor, connecting continent to continent. You can browse a map of these cables here. Large countries are connected at a number of points, meaning their web traffic is easily rerouted around digital roadblocks; a host of detours are available when a country needs them.
But consider a smaller nation like New Zealand, connected to the rest of the world by just two cables. With a couple serious snips in the right place, an entire country gets knocked offline (divers in Egypt were caught doing exactly this in 2013). If this seems like a like an obvious problem deserving a resilient solution, you’re right: The consensus is that these essential cables are “surprisingly vulnerable.” Earthquakes, deep sea divers, large anchors, and even sharks have taken areas of the globe offline for a few days to a few months.
Please visit http://binoyanto.net for more articles like this.
