Worldwide Internet Outage: How it Could Happen and What it Could Mean
Imagine a full 24 hours without internet. No way to see a photo of what your friends ate for lunch, and certainly no way to Google why the internet doesn’t work. Facetiously speaking, it would be a disaster. Factually speaking, though, it would be an even bigger disaster.
Whether your biggest internet-free worries are related to Instagram or the state of global financial markets, the idea of a worldwide internet outage probably seems like something out of a dystopian movie. According to at least one security firm, however, not only is a 24-hour worldwide internet outage coming, but it’s bearing down on us in 2017. The culprit? A DDoS attack.
The dire claim
Technology security vendor LogRhythm is the firm behind the internet outage prediction. LogRhythm’s Chief Information Officer James Carder has gone on record saying the entire internet will shut down for 24 hours in 2017, and he points at the major cyberattacks of 2016 as harbingers of the catastrophe that’s coming.
Specifically, Carder mentioned the massive distributed denial of service attack against the Dyn DNS server that smacked such major sites as Twitter, Netflix, PayPal and Spotify offline for hours, as well as the attack on security blogger Brian Krebs. He summed up his thoughts by saying that if an attacker can take down such huge sites and such a significant portion of the US internet for hours, a 24-hour outage seems easy to accomplish.
Distributed denial of service or DDoS attacks use the immense resources of a botnet, which is a network of hijacked internet-connected devices, to overwhelm the resources or eat up the bandwidth of a target website or other internet resource. The end result of a successful DDoS attack is a website or resource that is either offline or so slow it’s unusable, denying services to its users, causing anger and a loss of loyalty amongst those users. DDoS attacks can also cause hardware and software damage, or be used as a distraction for a data breach.
Distributed denial of service attacks have been in the news steadily for the last few years, but many website owners didn’t need the recent media attention to know just what DDoS attacks can do. The already-common DDoS attacks have exploded in popularity with the advent of botnet for hire services that allow anyone, even those with minimal IT knowledge, to direct an attack at the target of their choosing cheaply and easily, making targets of websites and business ranging from mom and pop shops to major enterprises.
The Mirai escalation
The Dyn and Brian Krebs attacks referenced by LogRhythm’s Carder were a major escalation from the standard DDoS attack. Both attacks originated from the Mirai botnet, which is made up of hundreds of thousands of Internet of Things devices. The attack on Krebs came first, thumping his website offline for days. At the time, the 620 Gbps attack was the biggest in the history of the internet, a record that held until the 1.2 Tbps attack on Dyn that grabbed the world’s attention by rendering some of the internet’s most beloved services unusable.
These attacks were bad enough when they were merely attacks, or a showcase of what the Mirai botnet can do in order to entice botnet for hire service users, but Carder views both as attacks as tests, likening them to missiles fired into the ocean.
An internet outage would affect the day to day life of billions of people, of course, but the consequences would extend far past inconveniences like being unable to access social media or email. Not only would global financial markets tank, causing immense chaos, but credit card transactions would become impossible, as would bank to bank transactions.
As the financial world descends into chaos, so too will many businesses as supply chains would be completely shut down. This could potentially impact everything from order fulfillment and shipping to food and other essential product supply.
In terms of healthcare, many hospitals have contingency plans in place for outages and also have internal databases from which much of their information is drawn, however being unable to garner information from outside of the hospital would assuredly hamper hospital services. Many home healthcare measures could also be in danger as plenty of monitoring devices now rely on the Internet of Things to transmit vital information or send out alerts for emergency help.
The average website or business owner can’t do anything to prevent a worldwide internet outage, unfortunately, as the target(s) of the attack will be DNS servers, data centers and other major internet infrastructure. It may be worthwhile for businesses to develop contingency plans to try and keep as close to business as usual while offline.
What is definitely worthwhile is investing in professional DDoS protection. It doesn’t have to be an internet-downing attack to cause utter devastation, especially for small to medium sized businesses that may not be able to withstand the user or customer base erosion that can be caused by hours or days of downtime. Even if the worldwide internet outage nightmare never comes to pass, businesses and website are awaking to their own outage nightmares every day, the kind that make the inability to use Snapchat or Ebay seem like a single drop of rain.