While most of us have been distracted by the unsurprising lacklustre earnings announcements from information technology companies over the past week, a large-scale Internet attack occurred last Friday, bringing most of the Internet network in the north-east of America to its knees. The outage also affected some parts of the UK and other regions of America, though these were spared the worst.
The attack was a large-scale “distributed denial of service” attack where hackers are able to flood a website with so much traffic that it simply collapses under the load. The attack crippled the computer servers of a company called Dyn in New Hampshire, US, and came in waves throughout the day. Dyn is a part of the backbone of the Internet, since it is one of the companies that provides domain name services or DNS to Internet users, and translates simple English-based commands like “livemint.com” typed into a browser into the actual numeric addresses that the Internet’s computers use to identify each website. Users can’t remember a string of numbers like 184.108.40.206 for each website; all they want to do is type in the name that they are familiar with. These DNS firms act much like automated phone directories so that this can be accomplished.
As a result of the attack, many users were unable to connect to popular websites and platforms such as Twitter, Github and Amazon throughout the day. The attack has since ceased, but the US’s Federal Bureau of Investigation has said it is “investigating all potential causes of the attack” and the UK’s home office is also looking into the matter. As I write this, no one has yet been able to point a finger at any one nation or group, though many groups will no doubt come forward to claim responsibility.
This outage was astonishing in its ferocity, especially since it co-opted the much vaunted Internet of Things (IoT) into the attack. Security firm Flashpoint has said that it believes that seemingly innocuous items such as video recorders, webcams, closed-circuit security cameras and the like were taken over by malware, and then, without their owners’ knowledge, were used to help execute the massive cyber attack. It claims that hundreds of thousands of such devices were co-opted into the attack by being infected with malware. This malware, called Mirai, was released by an anonymous hacker named Anna-senpai some weeks ago. As the IoT proliferates even more into the everyday items that we install in our homes, one can only expect that this number will go up in geometric progression, and that future attacks by hackers will become even more ferocious as a result.
In last week’s column, I had written about how The Washington Post has already warned about the fact that the US losing primacy in the digital revolution now taking place can have serious effects on cybercrime and warfare. Interestingly enough, the US gave up its hegemony over the Internet just a couple of years ago to a not-for-profit (but still US-based) group called Icann. Icann, or the Internet Corporation for Assigned Names and Numbers, now manages the master keys for the DNS backbone of the Internet. There are only seven individuals from all over the globe who actually hold the master keys to the Internet—the DNS registry—and a further seven individuals as back-up. These 14 individuals have been chosen carefully to make sure that no one country is over-represented.
Each of these 14 keys are actually physical metal keys to safety deposit boxes, which in turn carry smartcards, which then in turn activate a machine that creates a new master key for the Internet. Icann holds highly secure meetings four times each year during which it conducts an elaborate ceremony called the “Root Signing Ceremony” that can quite literally form the stuff that spy movies are made of, with windowless rooms and steel doors that require biometric scans, PIN codes and smartcards to open. During these ceremonies, the master key that was in existence for the past three months is scrapped, and a new cryptographic key is generated by a single high-security computer, which is then uploaded to servers like the ones owned by Dyn, dictating who owns .com, .net, .in, .org and others.
No, this is not part of the script for a James Bond movie. It is how the Internet actually works. One can’t even begin to fathom what might happen if one of these ‘ceremonies’ was somehow compromised, and the master key came into the hands of criminals or terrorists. Last Friday’s attack mainly affected Dyn, which is only one of the companies that controls domain names—there are several others like it. But control over the master key would mean that all firms who provide domain name services could be compromised, thereby annihilating the Internet as we know it.
No one really knows who put Icann in charge. Some claim that it’s the ‘online community’ while most others realize that it could only have been the US agency that was originally entrusted with this responsibility. Many other countries, such as Brazil, Russia and the EU have questioned this and have suggested that it be put under the auspices of the UN. It seems the view I have expressed in earlier columns about the need for a global body like the UN to monitor and manage both the security as well as the equitable distribution of technology has more takers than I first thought.
Siddharth Pai is a world-renowned technology consultant who has personally led over $20 billion in complex, first-of-a-kind outsourcing transactions.