The Internet was originally invented to be a communication network that could survive a nuclear war. Ironically, the monster that grew from that idea known as the World Wide Web is actually very, very fragile. They didn't anticipate what the Internet would become--because they weren't fucking insane--and as a result, the whole operation now sits on a rather shaky foundation.
Considering how much people freak out when a single big site goes down (everyone remember the Great Gmail Outage of '09?) it's clear that most of us think of the Internet in general as pretty much invincible. If an asteroid smashed into the Earth tomorrow, millions of us would immediately pull out our phones to try to get Twitter updates from the affected area.
"It must be pretty bad. Ashton Kutcher hasn't tweeted in days."
But the truth is, the Internet travels from continent to continent by way of a network of trans-oceanic cables, each thousands of miles long and only as thick around as a thumb. If enough of these high-pressure porn hoses were compromised, international Internet communication could collapse entirely.
Since these cables are the backbone of a huge portion of the global economy, they must be pretty well protected, right? Guards in armored diving suits, badass nuclear submarines inexplicably captained by Scotsmen, Kraken...
We're pretty sure AT&T has at least one of these at their disposal.
As it turns out, the cables aren't protected at all.
And it's not like they're impervious to damage either. The largest of them, hilariously named "SEA-ME-WE-3" was severed by a 7.1 magnitude earthquake, and in December of 2008 a boat anchor sliced it and three other cables in half. The disaster cut communications capacity between Europe, the Middle East and India by around 75 percent.
Hundreds of millions of people spent weeks without reliable (or, in some cases, any) Internet access. Because of an anchor.
Nukes are hard to come by, but we're pretty sure Al-Qaeda can scrounge up one of these.
Though, some skeptics point out that the idea of three separate cables being cut "accidentally" by anchors within a few days of each other is a little far-fetched. They've proposed terrorists, Israel, drunken fishermen and the Pentagon as possible alternate causes.
So What Can We Do?
Nothing. Remember the SEA-ME-WE 3 cable we told you about? It's more than twenty-thousand goddamn miles long. Look at this map of all the undersea cables. There's no way you could police all of that, not even with a thousand Krakens AND Bill Murray in a scuba suit.
You'd need at least two.
On the plus side, it's not exactly hard to repair a damaged cable. These things get busted up all the time, which is why the telecoms that own them have repair boats on stand-by. That means everything should be fine unless some bad guys think up a way to really fuck them up.
"OH SHIT THEY'VE TRAINED THE SHARKS."
You may not have heard of Leo Kuvayev, but you've gotten a shitload of emails from him.
He's one of the most influential men in the spam industry. He has headed up several of the world's largest spam networks and is one of the people most responsible for the way spammers operate today. Despite being wanted in several countries, Kuvayev remains free (and fabulously wealthy) to this day. He lives in exile in either Tahiti or Finland.
The face of a billion displaced Ethiopian princes.
While breaking Leo's kneecaps with a baseball bat would be both morally justified and incredibly cathartic, you may want to keep your righteous anger in check. It's generally a bad idea to fuck with supervillains. Leo is believed to be the man in charge of the Storm Botnet, a massive network of hijacked drone computers that may number in the tens of millions. If he wanted to, he could turn that vast robot army on you.
But hey, what's the worse a few million zombified computers can do? They might be able to blast you off of the web for a few days, but there's no way a botnet could cause lasting harm to the whole Internet. Right?
To give you a sense of scale, Storm is estimated by some to be responsible for a whopping 20 percent of the spam on the Internet. That measures out to billions of messages every single day, including tens of millions of emails laden with viruses that create more bots. Some experts estimate that the botnet is powerful enough to muscle entire goddamn countries off of the Internet.
While Storm is the first botnet to attain this kind of power, it won't be the last. The Storm botnet grew from the Storm Worm, which was spread through a series of spam messages with provocative titles like, "230 dead as storm batters Europe" and "Chinese missile shot down USA aircraft." People across the world (but mainly in the U.S.) saw what they thought was an important news story in their inbox, opened the email and were immediately infected with the worm.
And just wait until he unleashes Big Worm.
This testical-shrivellingly terrifying video tracks the exponential spread of the botnet. Imagine what someone with grander designs than life as a spam kingpin could do with that sort of power. Entire nations and corporate networks could be brought to their knees, world communication and trade would be disrupted. The Internet as we know it would be rendered almost uninhabitable.
So What Can We Do?
Conventional cyber-warfare tactics are useless against the botnet. As soon as a computer is infected, the worm lobotomizes and re-programs any existing anti-virus software, rendering it harmless. The botnet also has active defenses, and has gone on the offensive and D-DOSed several major anti-spam sites into oblivion. Back in February of 2007, the botnet even attacked the 13 "root" servers that make up the backbone of the Internet's infrastructure. Two of them were severely damaged.
Operating at only 10 to 20 percent capacity, the Storm Botnet has national security experts and anti-spam crusaders pissing themselves in terror. To put things in less technical terms: Leo Kuvayev is tooling around the Internet in an M1 Abrams tank, and the authorities are trying to stop him with sticks and stones and harsh language.
Quit it you big meanie!
The only real defense against a threat like the Storm Botnet is knowledge. All we need is for the entire Internet-using public to become tech-savvy, intelligent and careful about what they click on. Shouldn't be a problem.
Imagine the Internet is a river. In order to get to your destination (website) you need to pay (with a URL) the ferryman (a DNS server) so he can paddle you to your destination (John Mayer/Hulk Hogan slash fiction websites).
Your body is a wonderland.
Now imagine brigands (hackers) ambush the ferryman before he can get to you. They hand him his infant daughter's severed ear, wrapped in a stained white cloth. They tell him to paddle his next fare to bandit island (spyware-riddled websites) if he ever wants to see his beautiful family again.
Thankfully, the Geneva Convention doesn't apply to metaphors.
Of course, this being the futuristic year of 2010, such crude hijackings can't actually happen on any kind of large scale, right?
Back in 2007, Microsoft discovered a massive vulnerability in their DNS servers that could allow them to be hijacked by a hacker. Then, in 2008, the DNS Survey revealed that as many as one in four public DNS servers were highly vulnerable to attack. Programmers and security experts set frantically to work in order to correct the issue. They got a handle on things just in time for another gigantic goddamn problem to pop up.
It's like a game of Root Beer Tapper, but with the entire Internet at stake.
The Internet doubles in size every five years or so. This insane growth has led a massive expansion in the number of DNS servers. More traffic means more ferrymen. The thing is, the Internet's real, chief weakness is that it was built by people. Many of those people were diligent, careful workers, but most of them were just like the rest of us; lazy, irresponsible and frequently intoxicated. Millions of these new servers were set up without any security whatsoever. They allow open access to anyone with the know-how to hijack them. This is actually even scarier than it sounds.
In addition to controlling where our browser takes us when we hit "enter," the DNS servers are what direct your email. With control of the DNS server it passes through, an intruder could stop and redirect your email, or riddle it with viruses and then send it on its way.
That inspirational poem Grandma forwarded to you may have more viruses than Bret Michaels's hot tub.
This isn't theoretical. These vulnerabilities exist now, just waiting for malicious assholes to take advantage of. It could happen tomorrow, or next week, or right n-
So What Can We Do?
The safety of the Internet at large rests in the flabby hands of a brave, thankless few and they've been busy getting patches out to cover this particular flaw. But that was a Band-Aid solution and the permanent fix appears to have problems of its own.
This is the point where understanding the issue requires several years of education in exactly how DNS servers work. So we'd like to pause here to express wonder that the Internet works at all.