Cybersecurity and the Internet Structure.
The Internet was designed primarily to promote an open environment in which people could communicate as easily as possible. But this openness and simplicity have generated wide-ranging cybersecurity problems.

Cyberspace now resembles medieval Japan, with quite secure fortresses, villages protected only by trust and cooperation, and a huge “hic sunt leones” area where the law of the jungle is the natural cyber status quo. In these lawless areas, governments, hackers and crackers fight as ancient samurai and ninjas did, pursuing their own interests, offering their services to others, concentrating power and using it to protect themselves or to damage their enemies.

Actors and their roles.

A secure cyberspace is an essential prerequisite for the development of domestic and global social activities and governmental functions. Preventing cybercrime and cyber threats requires collective measures involving public and private actors:

1.- States: protecting the physical infrastructures, controlling and prosecuting cybercrime, ensuring e-business and organising cyberwarfare and cyberintelligence resources.

2.- Global Institutions/Certificate Authorities: keeping the Internet operational by certifying digital identities, enforcing privacy through cryptography and securing routing, addressing and DNS.

The certification of websites' digital identities depends on the collective cooperation of independent private entities (such as Symantec, Go Daddy, Verizon/Cybertrust), certificate authorities (CAs, which act as trusted third parties or TTPs and vouch for the digital authentication of sites) and governmental authorities.

The Internet's basic routing and addressing systems are mostly based on trust and collective cooperation between independent global institutions, governments and private actors. ICANN/IANA is the global institution dedicated to securing the DNS (Domain Name System), which is critical to keeping the Internet operational. Because of this importance, the DNS is a regular target of attacks by hackers.

In 2008, Pakistan caused huge damage to this system by filtering and blocking the YouTube website because of a video containing a blasphemous anti-Islam message. The blocking request was not confined to Pakistani routers, and it compromised global routing infrastructure. In the end, the problem was solved through the cooperation of different cyber actors around the world, but it demonstrated how fragile the system could be.

3.- CERTs & CSIRTs (Computer Emergency Response Teams and Computer Security Incident Response Teams): public-private institutions that coordinate responses to problems, report incidents, and educate the public about Internet security. There are more than 250 CERTs around the globe, and most countries have at least one national CERT.

4.- The North Atlantic Treaty Organization (NATO) has created a “Cooperative Cyber Defense Centre” in Tallinn, Estonia, to confront the escalation of cybercrime and cybersecurity threats. Many countries are now training military personnel in cyberwarfare, also drawing on private IT professionals and infrastructure to increase antiterrorism surveillance and cyber protection against national and global vulnerabilities.

5.- ISPs/Telcos: investing in security measures to protect their own infrastructures and intermediating between governmental control and society.

6.- E-commerce corporations/Banks: implementing mechanisms and certifications to protect their internal networks and secure transactions with consumers.

7.- Computer companies: investing in research and development of software upgrades, anti-virus and patches.

8.- Individuals: implementing firewalls and virus detection software on personal computers.

9.- Hackers: persons who seek and exploit weaknesses in a computer system or computer network. There are different types: white hat hackers (break security for non-malicious reasons), black hat hackers (for malicious reasons), grey hat hackers (break security and then ask for money to fix it), blue hat hackers (work testing network security), hacktivists (work as hackers but to publicize a social, ideological or political message) and script kiddies (hack using programs written by others).

The Risks.

The main cybersecurity problems are related to authentication of individuals, identity theft, critical infrastructure protection, denial of service attacks, cyberterrorism, worms, viruses, spam, espionage, data interception, State censorship and surveillance.

End-User threats: viruses and worms.

The oldest and most common risks for Internet users are computer viruses and worms. They are not the same: viruses are malicious code disguised in legitimate programs like email and activated when a user takes some action, such as downloading an attachment. Computer worms are more insidious because they do not require activation by an end user to spread: they are autonomous code that, once unleashed, self-propagates and self-replicates without any human action. They can be used by hackers to destroy companies' information or by governments to attack their enemies' information infrastructures, as the Stuxnet worm did, infecting and sabotaging Iranian nuclear plants.

DDoS attacks.

A Distributed Denial of Service (DDoS) attack is an intentional network disruption in which a targeted computer is flooded with so many requests that it becomes incapacitated and unavailable to legitimate users.

A DDoS attack doesn't require a high degree of technical ability. DDoS software tools are freely available on the Internet; they use a master program called a “handler” that targets the attack and many agent programs called “zombies” or “daemons” running on thousands of unwitting computers around the world, whose owners are usually unaware of this activity.
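From the defender's side, the distributed nature described above is what makes such a flood hard to filter: each agent stays under any per-source limit while the total load exceeds capacity. The following is an added example (not part of the original article) that contrasts per-source rate limiting with aggregate monitoring; the thresholds, addresses and traffic are constructed assumptions.

```python
from collections import Counter, defaultdict

WINDOW = 10            # seconds per bucket (assumed)
PER_SOURCE_LIMIT = 50  # requests one source may send per window (assumed)
TOTAL_LIMIT = 500      # requests per window the server can absorb (assumed)

def bucketize(events, window=WINDOW):
    """Group (timestamp, source) events into fixed windows of per-source counts."""
    buckets = defaultdict(Counter)
    for ts, src in events:
        buckets[ts // window][src] += 1
    return buckets

def per_source_offenders(events, limit=PER_SOURCE_LIMIT):
    """Classic rate limit: sources exceeding `limit` inside any one window."""
    return {src for counts in bucketize(events).values()
            for src, n in counts.items() if n > limit}

def flood_windows(events, total_limit=TOTAL_LIMIT):
    """Aggregate view: windows whose total load exceeds capacity, with the
    number of distinct sources and the share sent by the busiest one."""
    alerts = []
    for window, counts in sorted(bucketize(events).items()):
        total = sum(counts.values())
        if total > total_limit:
            alerts.append({"window": window, "total": total,
                           "sources": len(counts),
                           "top_share": max(counts.values()) / total})
    return alerts

def constructed_traffic():
    """Constructed sample: normal load, one noisy client, then many agents."""
    events = []
    for i in range(20):        # window 0: 20 clients x 5 requests
        events += [(t, f"10.0.0.{i}") for t in range(0, 10, 2)]
    events += [(10 + k % 10, "10.0.9.9") for k in range(200)]  # window 1
    for i in range(1000):      # window 2: 1000 agents x 3 requests
        events += [(20 + k, f"10.1.{i // 250}.{i % 250}") for k in range(3)]
    return events

if __name__ == "__main__":
    traffic = constructed_traffic()
    print("per-source offenders:", per_source_offenders(traffic))
    print("flood windows:", flood_windows(traffic))
```

The per-source check flags only the single noisy client, while the window with 1000 low-rate agents is visible only in the aggregate view, where no single source accounts for a meaningful share of the load.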

 

When, in 2000, Yahoo!, CNN, Amazon, eBay and many other big e-corporations were attacked by a Canadian teenager named “Mafiaboy” using freely available DDoS tools, the whole world realized how fragile the system was in terms of cybersecurity.

This kind of attack is a serious threat for individuals and small groups in particular, because they have no infrastructure to protect their websites. The only solution, upgrading their Internet services through an alliance with a big corporation, means being controlled by this new partner, which erodes free speech and independent opinion.

Beyond the cybercriminal use of DDoS, there are DDoS attacks organized for two political motivations:

1.- To protest (hacktivism): in recent years, Anonymous and other hacktivists have targeted public and private institutions' websites with DDoS attacks to protest against many

In 2007, during protests by the Russian minority, Estonian information infrastructure was attacked by pro-Russian hacktivists using DDoS attacks, disabling government servers, private banking systems and news agencies for three weeks. The same happened in Georgia in 2009 during the conflict against Russia and in Iran after the perceived electoral fraud.

2.- To silence opposition: in order to deny free expression to an individual, group or movement, governments and corporations could organize DDoS attacks.

After the Snowden Affair and the publication of US diplomatic cables, WikiLeaks lost the support of its financial partners (Mastercard, Visa, Amazon and PayPal) due to the pressure exerted by the US government. As a countermeasure, Anonymous launched a DDoS attack against the websites of all these corporations.

Governmental surveillance/control/blocking of internet traffic.

Almost all national governments around the world apply some kind of surveillance, control or blocking of Internet traffic. Their justifications usually deal with:

A) The “necessity” to maintain internal order and peace: on this basis, opposition is suppressed, and email, social networks, search engines and instant messaging services (Twitter, Skype, WhatsApp, etc.) are controlled or blocked. The list of such incidents is far too long: Burma and Nepal in 2005, Iran in 2009, Egypt and Libya during the Arab Spring in 2011.

B) The fight against online and offline crime: most States and the big Internet corporations have the technology to apply deep packet inspection in order to learn the content, origin and destination of most Internet traffic. Beyond the net-neutrality principle applied to ISPs, governments tend to implement different policies in order to surveil terrorist and cybercrime activities, slowing and blocking certain content, for example P2P traffic accused of copyright infringement.

Manipulation of “kill-switches”.

National governments and other big cyber actors also have the power to manipulate certain infrastructural concentration points of Internet traffic, named “kill-switches”, in order to disrupt certain communication networks completely. They can disrupt the flow of information by applying a content-specific filter to block or delete articles, blogs, items and social networks.

States, in particular the USA, also have the power to impose domain name seizures or DNS redirections carried out by a domain name register. For example, in 2011, the day after the Super Bowl, the US government seized Rojadirecta.org, a sports-streaming website owned by a Spanish citizen and declared legal by Spanish courts. Notwithstanding this demonstration of cyber hard power, Rojadirecta continues to be available in many other versions and domain extensions.

Censorship and Law Enforcement.

National governments tend to delegate censorship to the private companies that host or provide access to the information, requesting that it be removed or that access to it be blocked, at least for citizens living under the country's laws. These requests are made in cases such as defamation, hate speech, privacy violations, lèse-majesté, State secrets, blasphemy, child protection, pornography, racism, political speech and impersonation. Private companies, like Google, can analyze the requests and accept or reject them, taking into consideration not only the national legal system but also the global rule of law, principles of reasonableness and technical criteria. (Yahoo! cases)

Google publishes an annual assessment of Internet Freedom in order to evaluate the governmental requests, its decisions and its arguments for rejecting or accepting the removal of information. In global terms, Google refuses 35% of court orders and 53% of informal requests. For example, in 2011 Google refused to comply with a US local agency's request to delete YouTube videos portraying police brutality.

What is important to understand here is that freedom of expression in cyberspace is not only a question of the content of the information; it is primarily about how to use technology to reach the public, helping the rest of the world become aware of authoritarian misbehavior and human rights violations.
