Are Massive Internet Shutdowns in Our Future?

Vahid Salemi

Telework and telemedicine have emerged as important American responses to the spread of the Chinese plague. While telecommuting has been authorized by many US employers for certain categories of their employees – in some cases for years – American businesses, federal and state agencies, and schools are accelerating teleworking for their employees and students during this crisis. It is even possible that telecommuting will become more firmly accepted as a workplace alternative after the virus has been controlled.

Teleworking enables a person to work from home or another location using home computers, telephones, and mobile devices such as iPads while maintaining contact with managers, colleagues, customers, and/or a central office or place of employment.

Telemedicine involves the use of telecommunications technology to enable health care professionals to evaluate, diagnose and treat patients at a distance without having direct physical contact with patients. Telemedicine is in its relative infancy but is also being greatly expanded in order to remotely diagnose and treat people infected with the Wuhan virus (and other maladies). We are going to see an explosion of telemedicine services in the months and years to come.

Both telework and telemedicine require secure access and dedicated secure telecommunications in order to protect information and data. With increased demand, there are many security implications as dependency on the internet and virtual communications increases, as noted here:

The dramatic expansion of teleworking by US schools, businesses and government agencies in response to the coronavirus is raising fresh questions about the capacity and security of the tools many Americans use to connect to vital workplace systems and data.

As they increasingly log on from home, Americans are having to meld their personal technology with professional tools at unprecedented scale. For employers, the concern isn’t just about capacity, but also about workers introducing new potential vulnerabilities into their routine — whether that’s weak passwords on personal computers, poorly secured home WiFi routers, or a family member’s device passing along a computer virus.

Experts recommend brushing up on digital hygiene and safety tips as opportunistic criminals seek to exploit the coronavirus crisis. According to the Seattle-based information security company DomainTools, hackers are increasingly creating coronavirus-related websites, apps and tracking tools meant to lure those who are simply seeking information — but which actually spread malicious software that can lock your device.

Millions more Americans dependent on the internet provide millions more targets for our potential adversaries like the Russians and Chinese, who excel in cyber espionage and denial of service attacks. The Russians appear to have developed and are deploying new cyber tools aimed at disrupting internet services, as noted here:

As the world hunkers down in coronavirus isolation and relies on the internet more than ever, a group of dissidents has revealed that Russia has new tools to shut down internet services by tapping internet-connected cameras and similar smart devices.

It’s a new version of an old weapon — a creator of botnets that can drive an internet service offline with floods of fake data — that puts to use a previously untapped source of computing power: the ever-growing “internet of things.”

The new botnet tool was revealed in documents that give instructions for using a suite of hacking apps called Fronton, Fronton-3D, and Fronton-18.

[I]t means that the Russian government has a new tool for creating a DDoS-capable botnet. These botnets harness the computing power of millions of internet-connected things, direct them to spew random data at specific computers, and overwhelm vital services into uselessness.

[D]ocs show a consistent appetite among Russian security services to target the Internet infrastructure of perceived adversaries. “Russian security services, per the Russian domestic internet law, are clearly concerned about the vulnerability of physical internet infrastructure to exploitation and manipulation … [and] indicate a similar interest on the part of the FSB in exploring how internet functionality could be compromised in other countries.”

Akamai provides this summary description of a botnet and how it works:

A botnet is a collection of internet-connected devices infected by malware that allow hackers to control them. Cyber criminals use botnets to instigate botnet attacks, which include malicious activities such as credentials leaks, unauthorized access, data theft and DDoS attacks.

Botnet owners can have access to several thousand computers at a time and can command them to carry out malicious activities. Cybercriminals initially gain access to these devices by using special Trojan viruses to attack the computers’ security systems, before implementing command and control software to enable them to carry out malicious activities on a large scale. These activities can be automated to encourage as many simultaneous attacks as possible. Different types of botnet attacks can include:

  • Distributed Denial of Service (DDoS) attacks that cause unplanned application downtime
  • Validating lists of leaked credentials (credential-stuffing attacks) leading to account takeovers
  • Web application attacks to steal data
  • Providing an attacker access to a device and its connection to a network

In other cases, cybercriminals will sell access to the botnet network, sometimes known as a “zombie” network, so that other cybercriminals can make use of the network for their own malicious activities, such as activating a spam campaign.

The potential for mischief and real damage, such as compromising personal health records and proprietary databases and even a catastrophic massive shutdown of the internet, will increase as ever more Americans become dependent on the internet and virtual communications for their livelihood and medical care. The development and deployment of cybersecurity capabilities will continue to be a high priority of the US government and private sector.

The end.

