Before I step into “how” lets unravel what “Internet is” and the complex mechanism behind it. In a few simple words Internet is a vast interconnected network of data centers spanning the globe. These data centers have exchange points, protocols and routes that they have to follow. With every year that passes, the Internet becomes more and more resilient.
Step 1: Cutting the Wires
Satellites play a prominent role in the entire Internet connectivity and Mobile network across Globe.Bringing down a couple – or even all – of the satellites will actually do little to cut Internet traffic. Yes, it will cause an amazing amount of issues, but the Internet will most likely live on. At this point, roughly 99 percent of global Web traffic is dependent on deep sea networks of fiber-optic cables that blanket the ocean floor like a nervous system. These are major tangible targets creating very real choke points in the system.
As much as three-fourths of the international communications between the Middle East and Europe have been carried by two undersea cables, SeaMeWe-4 and FLAG Telecom’s FLAG Europe-Asia cable.However, a strategic strike that will take out the fiber optic cables or damage the entire wire will do the trick. If this is done at choke points you can disable or almost completely halt global Internet traffic.
Step 2: Destroy root servers
This part is bit easier than googling. Root servers do they are responsible for decoding .com, .net, .org. names before aligning them with the correct IP address. If you take out these servers, the Internet will no longer recognize the alphabet when you type in an address.
There are “only” 13 servers that do this (https://root-servers.org) you get the whole list of servers. Effectively, if you take these servers down, the only way to “browse” the Internet will be with a physical piece of paper, a pen and a really good memory around numbers.
The other interesting part is that taking down these servers and IPv6 won’t work either. Phones, computers, businesses, everything will stop. The challenge with this is that these severs are replicated and backed-up and replicated hundreds of times over. Plus, with IPv6 – how these data centers receive and process multiple IP address is changing as well. Still, a “mission impossible” style attack where backups are killed, replication is stopped and only 13 servers remain could make a catastrophic outage possible.
China, Iran, North Korea, Syria and a few other folks already have an “Internet Kill Switch.”
Step 3: Take out the Data centre
The modern data center does indeed house all of the major components around the Internet. It could work – here’s the list. At this point, you’ve cut the wires, and for your final act – you take down some of the major data centers and their exchange points. For those exchange points – here’s the list sorted by size. TelX, Equinix, NAP, TeleHouse, GlobalSwitch are all major data center carriers. They have around-clock-security. Even the most secured facilities can be broken into. A well-drawn out plan where major undersea wires are severed and a few of these data centers are destroyed will effectively take down the Internet.
Step 4: Massive solar event
It is catastrophal but it s possible .If there is a major solar flare – or a large solar storm communications can be affected. Still, the enormity of this storm would probably cause issues outside of just the Internet going down. Most likely, a massive flare will take out satellites first. On terra firma you would have massive magnetic frequency modulations which would disrupt communications. You’d probably have some serious health issues to go along with it. Again, it’s possible.
Step 4: Remove key people
Unfortunately, some of the key people responsible for overseeing and supporting Internet functionality will have to be temporarily displaced. These are the engineers, architects and key people that can help re-build the Internet should something happen. Without them, rebuilding core Internet components becomes very challenging. Imagine having to find experts who have to rebuild, literally, everything. A tough part but possible.
For how long it can be taken down
There will be other people that can help rebuild what needs to be put in place for the Internet to work. The question becomes the goal of the outage or the attack. If the attack is well thought out and executed, the outage can last many months. Taking down the Internet even for 6 months will pretty much place all of us back into the stone age when it comes to communications. Phone traffic, emergency communication, and a lot of other non-Internet dependent services also run through the aforementioned data centers. If you take those out, you don’t only eliminate the Internet, you also kill off a lot of services which utilize the same infrastructure as the Internet. So really, we have two questions: How do we take it down and for how long? In either scenario, we quickly realize that a reality in which the Internet is completely down is quite frightening.
Case Study: How the Hackers brought down the Internet on 21 oct 2016.
In the early morning of 21 October 2016, Dyn, a company that redirects traffic on the internet as part of the Domain Name System (DNS), reported that many websites were inaccessible. This happened in a series of waves over the course of the day. Web users experienced this as an inability to access some of the most popular sites. It was clear to investigators at Dyn very early on that this inaccessibility was the result of a massive, coordinated DDoS attack on Dyn’s DNS servers, a vital component of internet infrastructure.
It was a malicious attack on some of the backbone structures of the internet. In its scope and methodology, the attack draws attention to some of the innovations especially those relating to the internet of things (IoT).
This particular episode was made possible by a botnet of IoT devices compromised by a bit of malware known as Mirai, which was specifically designed to take control of connected devices. In this case the culprit was likely digital video recorders, those set-top boxes that allow you to record live TV and skip the commercials, and webcams, like those used around houses for security. All these devices now moonlight as slaves to malicious actors bent on taking down individual websites or even portions of the internet, as with the Dyn attack.
Steps to prevent this kind of attack
There should an attempt at prioritizing security in IoT deployments. Security by design, or ensuring that security is built into technology from the beginning, is a step in the right direction. Another step would be for innovators and regulators to work together to help align incentives, which are currently behind deploy-first-secure-later approaches, to support security in IoT.