Internet critical infrastructure

From Internet Community Wiki
Jump to: navigation, search

The critical infrastructure of the Internet is loosely defined as a set of components that are necessary for the global network to function within standard parameters. Without the maintenance of these resources, the Internet or parts of it would cease functioning and different or remedial solutions would need to be put in place for connectivity to happen. Hardware and software solutions are built around the expectation of this infrastructure working in the manner that is outlined in the various technical documents that define standards for the network, so its instability or damage leads to consequences that often impact not only the focal point of the issue, but also other infrastructure around it.

Main perspectives

Prioritization of the maintenance of the critical infrastructure can be justified from three distinct but connected perspectives: human rights, cybersecurity, and Internet of Things.

From the human rights perspective, the limitation or precarization of access to the communications services provided by the Internet has direct consequences to the well-being of affected individuals, ranging from the unavailability of information causing political and social asymmetries to isolation from key public services such as health and tax systems.

From the cybersecurity perspective, the disturbance of this infrastructure can cause damage at multiple levels to systems that need to operate in a seamless and continuous manner. Some, such as those that provide electricity and water do not need to be connected to the Internet to properly function, even though they at times are. On the other hand, the financial system and services attached to it such credit, banking and commerce rely on the Internet to function.

From the Internet of Things perspective, the increase in the number of devices connected to the Internet that perform tasks which can be considered sensitive, such as health monitoring and autonomous driving, makes it so that the tampering or unavailability of the network results in problematic and potentially fatal situations. At the industrial level, the disruption of machines and production lines also carries high threat potential.

Components of the critical infrastructure

Physical structures

Responsible for the physical transportation of the data:

Protocols

Responsible for handling the data and ensuring its delivery:

Names and Numbers

Responsible for directing the data to its intended destination[1]:

  • Domain registry infrastructure
    • Root Domain Name System (DNS) server
    • generic Top Level Domain (gTLD) name servers
    • country code Top Level Domain (ccTLD) name servers
  • Address registry infrastructure
    • Internet Assigned Numbers Authority (IANA)
    • Regional Internet Registries (RIRs)
    • National Internet Registries (NIRs)

Web implementations

  • Website hosting

Notable attacks

  • TRITON in 2018.
  • 2016 Dyn cyberattack[2] on October 21, 2016, in the USA. Effect: 1,200+ domain names rendered unavailable.
  • Industroyer in 2016.
  • BlackEnergy 2 in 2014.
  • Havex in 2013.
  • Shamoon in 2012, in Saudi Arabia. Effect: 30,000 computers from the state oil company Aramo rendered useless.
  • Stuxnet in 2010, in Iran. Effect: Degradation of 1,000 machines from the national nuclear program.

Mitigation solutions

  • 802.16s

References