Internet critical infrastructure
The critical infrastructure of the Internet is loosely defined as a set of components that are necessary for the global network to function within standard parameters. Without the maintenance of these resources, the Internet or parts of it would cease functioning and different or remedial solutions would need to be put in place for connectivity to happen. Hardware and software solutions are built around the expectation of this infrastructure working in the manner that is outlined in the various technical documents that define standards for the network, so its instability or damage leads to consequences that often impact not only the focal point of the issue, but also other infrastructure around it.
From the human rights perspective, the limitation or precarization of access to the communications services provided by the Internet has direct consequences to the well-being of affected individuals, ranging from the unavailability of information causing political and social asymmetries to isolation from key public services such as health and tax systems.
From the cybersecurity perspective, the disturbance of this infrastructure can cause damage at multiple levels to systems that need to operate in a seamless and continuous manner. Some, such as those that provide electricity and water do not need to be connected to the Internet to properly function, even though they at times are. On the other hand, the financial system and services attached to it such credit, banking and commerce rely on the Internet to function.
From the Internet of Things perspective, the increase in the number of devices connected to the Internet that perform tasks which can be considered sensitive, such as health monitoring and autonomous driving, makes it so that the tampering or unavailability of the network results in problematic and potentially fatal situations. At the industrial level, the disruption of machines and production lines also carries high threat potential.
Components of the critical infrastructure
Responsible for the physical transportation of the data:
- Physical transmission lines
- Internet Exchange Points
Responsible for handling the data and ensuring its delivery:
Names and Numbers
Responsible for directing the data to its intended destination:
- Domain registry infrastructure
- Address registry infrastructure
- Website hosting
- TRITON in 2018.
- 2016 Dyn cyberattack on October 21, 2016, in the USA. Effect: 1,200+ domain names rendered unavailable.
- Industroyer in 2016.
- BlackEnergy 2 in 2014.
- Havex in 2013.
- Shamoon in 2012, in Saudi Arabia. Effect: 30,000 computers from the state oil company Aramo rendered useless.
- Stuxnet in 2010, in Iran. Effect: Degradation of 1,000 machines from the national nuclear program.