Weaponizing the internet

The very technology created by man to make the world small and flat, to enhance borderless economy, to nurture open governance, to allow instantaneous communication, to view people across the globe in real time is the same technology now being used to invade a nation, to instigate opposition, to unite a crowd to question authorities and register protests. One innocent tweet, an emotional plea over Facebook, a collage of photos showing human interests are the platforms for today’s manipulative propaganda offensive. Indeed, the internet backbone — “the infrastructure of networks upon which internet traffic travels — went from being a passive infrastructure for communication to an active weapon for attacks.

This column originally appeared in The Manila Times on January 28, 2020    

From news to viruses to the cyber world and politics, more and more the art of war is changing face. It used to be that humans fight wars by occupying territories. Today, by just weaponizing news, one creates shades of truth that causes havoc to humanity depending on the virality of such push. There are bio-warfare experts who handle the world’s deadliest diseases to put together virulent strains as potential bio-weapons that when released via human carriers cause pandemonium nobody has seen before.

The cyber world has created so many strains for cyber warfare that no one seems to be prepared save those who launch such attacks on enemy or sometimes friend territories. One is left to one’s own devices to respond and the chatter is loud in the Dark Web that too often we are at a loss as to how to handle these things. What we see over the internet are three types of web: Surface Web, which is only four percent of the total infrastructure. The Deep Web (90 percent) is not accessible to Surface Web crawlers and is only accessible to certain browsers. Deep Web technologies has zero involvement with Dark Web.

The Dark Web is a subset of the Deep Web. The Dark Web search engines are not visible to the public and are not crawled/indexed by any search engine spiders like Google. You might be using the normal search engine (Google, Yahoo, Bing) as a regular basis for searching the terms, in which you will never get any information from the Dark Web, which is entirely on the dark side of the Deep Web. About 96 percent of the information is hidden in the Dark Web and the rest of the 4 percent is visible to the public. The Dark Web is the world where you can browse and talk anonymously.

They are more likely to have legal and illegal stuff on their Dark Net marketplace. The Dark Web is a smaller part of the Deep Web that can’t be accessed without a special software like Tor, I2P and Freenet. Among these private browsing softwares, the Tor browser is “comparatively the best.”

The very technology created by man to make the world small and flat, to enhance borderless economy, to nurture open governance, to allow instantaneous communication, to view people across the globe in real time is the same technology now being used to invade a nation, to instigate opposition, to unite a crowd to question authorities and register protests. One innocent tweet, an emotional plea over Facebook, a collage of photos showing human interests are the platforms for today’s manipulative propaganda offensive. Indeed, the internet backbone — “the infrastructure of networks upon which internet traffic travels — went from being a passive infrastructure for communication to an active weapon for attacks.”

Everything seems to be a weapon these days. “We are attacking each other online with memes, in popular culture with sexist subtexts, on university campuses with safe spaces. On the other hand, nothing is an actual weapon. Nuclear warheads and chemical agents are the preoccupations of a bygone era. We don’t have trenches or gladiatorial arenas anymore; we have comments sections.”

According to the Cyber Defense Magazine issue of December 2019, “2020 has been declared as [the] year of weaponized internet.” The risk posed by the “weaponization of internet infrastructure for the Distributed Denial of Service (DDoS) attack generation will be a hot topic for ISPs once again in 2020. Hackers continue to use reflection amplification techniques to launch massive DDoS attacks, as they have done for over a decade, but now they’re using new protocols and infrastructure to circumvent defenses and build new capabilities. Appreciating the scale of the risk posed by connected devices that can be used to reflect and amplify DDoS traffic is key. The range of devices that can launch attacks, the clean-up rate after identifying attack vectors, and the rate of discovery and weaponization of new protocols are key factors when we look at the evolving threat landscape. Understanding these factors and their regional variations are a must for network operators looking to model the risks they face.”

The Internet of Things is driving connectivity very quickly. This and the devices proliferating and the continuing growth and availability of fixed broadband services across all geographies, and the rapid expansion of 4G and 5G mobile infrastructure, add to landscape. Threat actors are “weaponizing” vulnerable or poorly configured devices, adding them to botnets and using them as DDoS reflectors, proxies or for other nefarious purposes. And, unfortunately, this is only going to get worse before we can contain at the level of the purchase by the individual. “In 2020, hackers will continue to compromise both existing and new devices. Until the security of a new device is a key buying criterion or regulatory focus, this will continue — fueling the capability of the attackers out there.”

Cybersecurity is becoming important in such a terrain. “Cybersecurity is often confused with information security. Cybersecurity focuses on protecting computer systems from unauthorized access or being otherwise damaged or made inaccessible. Information security, is a broader category that looks to protect all information assets, whether in hard copy or in digital form.” How do we respond to the weaponization of the web? We need to adapt to robust cyber security protocols that address people, processes and technology. The Philippines has no cyber security corridor. The academic community has not taken the challenge to prepare for a future-proof nation. The opportunity is unique for a country like the Philippines being then the text capital of the world and today, the longest time online in the globe.

All stakeholders need to collaborate and confront the reality of a weaponized internet. Internet service providers, cloud providers, governments, enterprises, and equipment manufacturers all need to take ownership of this problem. If they do, they will make the connected world a better place for everyone.

In the end, we should remember that only humans push buttons, still.

BLOG COMMENTS POWERED BY DISQUS
About the Author
Malou Tiqiua is the Founder/General Manager of PUBLiCUS Asia Inc. A noted political management expert in the Philippines and Asia, she brings over 20 years of professional experience in public, private and the academe combined. Author of the comprehensive book on electoral campaigns in the Philippines, "Campaign Politics", Malou is a graduate of the University of the Philippines with a Political Science degree and a Master of Public Administration. She completed her second master's degree (MA in Political Management) from the Graduate School of Political Management, George Washington University.
Other Articles