Internet's architectural flaws feed cyber-threats, say researchers

Mar 12, 2013

In his State of the Union address this month, President Obama named hackers and "cyber-attacks" as amongst the greatest economic and national security threats to the United States. The President has a point; earlier this week, a report by the security firm Mandiant linked a unit of China's People's Liberation Army to hundreds of cyberattacks on Western corporations, while the The New York Times, Wall Street Journal, and Washington Post all recently announced they had been targeted as well.

The President's response was to issue an executive order calling for greater sharing of information between the private and public sectors on cyberattacks and threats, but have raised questions about government invasions of privacy. How can we build a hacker-proof Internet without compromising basic freedoms?

A new report by the New England Complex Systems Institute (NECSI) lays the problem, and the solution, at the door of the Internet itself. "The current design of the Internet is inherently insecure," said Yaneer Bar-Yam, president of NECSI and a co-author of the study. Any node can be attacked from any other node, requiring the entire network to be hardened against all possible attacks—an unrealistic goal, Bar-Yam said.

"Making every computer on the Internet—including every tablet, PC, server, and smartphone—impervious to attacks is impossible," he added. An effective response requires reconstructing the architecture of the Internet itself. The report proposes substantial changes to the routers in charge of switching between .

"Collective security-preventing attacks would require that the routers of the Internet themselves would need to have protocols that allow refusal of transmission based upon content or extrinsic information such as point of origin," according to the study.

The authors' discussion of Internet security is placed with the larger context of all network structures. The study compares to biological threats and systems, in which the same fundamental principles of network structures used in communication, transportation and defense mechanisms also apply.

"The human body bases its main line of defense in its primary transportation system—the blood stream—and in its skin and membranes," says Bar-Yam. "The immune system would collapse if it only acted within individual cells. Likewise, consider what American might look like if every home and office was required to be a fortress in the absence of the police and military patrolling neighborhoods and defending national borders."

The study, "Principles of Security: Human, Cyber and Biological," was performed at the request of a long-term planning military group, the Strategic Studies Group, which reports to the Chief of Naval Operations, the head of the Navy. The report is being released for the first time to the public this week.

Explore further: Study: Social media users shy away from opinions

More information: www.necsi.edu/research/military/cyber/

add to favorites email to friend print save as pdf

Related Stories

Auditor warns Canada lagging on cyber security

Oct 23, 2012

Canada "has been slow" to set up firewalls to protect against cyber threats to critical infrastructure, leaving the nation vulnerable to crippling attacks, the auditor general warned Tuesday.

US, China trade charges on cyberattacks

Feb 19, 2013

The United States and China on Tuesday traded charges over cyberattacks after a security firm alleged that Beijing controled hackers who have penetrated the US government, companies and media.

Obama setting up better security for computers

May 29, 2009

(AP) -- America has for too long failed to adequately protect the security of its computer networks, President Barack Obama said Friday, announcing he will name a new cyber czar to take on the job.

Recommended for you

Study: Social media users shy away from opinions

Aug 26, 2014

People on Facebook and Twitter say they are less likely to share their opinions on hot-button issues, even when they are offline, according to a surprising new survey by the Pew Research Center.

US warns shops to watch for customer data hacking

Aug 23, 2014

The US Department of Homeland Security on Friday warned businesses to watch for hackers targeting customer data with malicious computer code like that used against retail giant Target.

Fitbit to Schumer: We don't sell personal data

Aug 22, 2014

The maker of a popular line of wearable fitness-tracking devices says it has never sold personal data to advertisers, contrary to concerns raised by U.S. Sen. Charles Schumer.

Should you be worried about paid editors on Wikipedia?

Aug 22, 2014

Whether you trust it or ignore it, Wikipedia is one of the most popular websites in the world and accessed by millions of people every day. So would you trust it any more (or even less) if you knew people ...

How much do we really know about privacy on Facebook?

Aug 22, 2014

The recent furore about the Facebook Messenger app has unearthed an interesting question: how far are we willing to allow our privacy to be pushed for our social connections? In the case of the Facebook ...

Philippines makes arrests in online extortion ring

Aug 22, 2014

Philippine police have arrested eight suspected members of an online syndicate accused of blackmailing more than 1,000 Hong Kong and Singapore residents after luring them into exposing themselves in front of webcam, an official ...

User comments : 0