The internet needs to be extremely resilient and should be able to cope with many parts of the modern threat landscape. The IETF believes “Whenever a new protocol is developed or existing protocols are modified, threats to their security should be evaluated” (https://www.rfc-editor.org/rfc/rfc4081.txt).
The NGI Interim Study report identified different threat categories that need to be considered in order to achieve the vision of NGI, grouped together as 'Force majeure' (Natural disaster, Man-made disasters, Adversary AI), 'Technological' (Cascade of system failure, Spillover from inadequate isolation/segmentation), and 'Human intent' (Cyber warfare and cyber conflicts, Industrial espionage, Industrial sabotage, Pervasive surveillance and Malicious big data). Here is a brief overview of the different threat categories:
- Natural disaster: Damage to critical parts of the infrastructure (earthquakes, floods).
- Man-made disasters: Intentional and unintentional sabotage resulting from human action (nuclear explosions, acts of terrorism, vandalism).
- Adversary AI: AI does not understand mutually assured destruction. The risk that non-benevolent or adversary AI impacts the larger system becomes more realistic as AI is handed larger responsibilities, such as handling some of the largest data centres on the planet (https://deepmind.com/blog/deepmind-ai-reduces-google-data-centre-cooling-bill-40/).
- Cascade of system failure: Many resources on the web and the wider internet are no longer self-contained, but have hard-coded dependencies on resources delivered by third parties, such as content delivery networks and cloud providers. These are used for critical features such as navigation. An outage somewhere in this chain can send an avalanche of unintended outages rippling through many different systems.
- Spillover from inadequate isolation/segmentation: The combination of different applications and user domains in a single infrastructure means that the risks of that combined system may end up as the sum of all risks. One submission pointed out a quote by a security manager: “In a relatively short time we've taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters.” (Jeff Jarmoc, head of security at Salesforce, quoted in a summary article at http://www.bbc.com/news/technology-37738823).
- Cyber warfare and cyber conflicts: The Fifth Domain, the disruption of the internet infrastructure of a region for military and political purposes.
- Industrial espionage: Theft of advanced technology from industry, academia and military through exploiting internet infrastructure weaknesses.
- Industrial sabotage: Disruption and exploitation of internet weaknesses targeting competing global regions and economic actors, aimed at giving the attacker a competitive edge.
- Pervasive surveillance: Mass-scale monitoring and long-term programmes for pervasive surveillance dating back to the earliest days of the internet have been exposed, and not all capabilities have been revealed.
- Malicious big data: Passive observation of users by companies without their explicit knowledge and consent is another type of threat.