It is the morning after the internet went offline and, as much as you would like to think you would be delighted, you are likely to be wondering what to do.
You could buy groceries with a chequebook, if you have one. Call into work with the landline – if yours is still connected. After that, you could drive to the shop, as long as you still know how to navigate without 5G.
A glitch at a datacentre in the US state of Virginia this week reminded us that the unlikely is not impossible. The internet may have become an irreplaceable linchpin of modern life, but it is also a web of creaking legacy programs and physical infrastructure, leading some to wonder what it would take to bring it all down.
The answer could be as simple as some acute bad luck, a few targeted attacks, or both. Extreme weather takes out a few key datacentres. A line of AI-written code deep in a major provider – such as Amazon, Google or Microsoft – is triggered unexpectedly and causes a cascading software crash. An armed group or intelligence agency snips a couple of undersea cables.
These would be bad. But the real doomsday event, the kind that the world’s few internet experts still worry about in private Slack groups, is slightly different – a sudden, snowballing error in the creaky, decades-old protocols that underlie the whole internet. Think of the plumbing that directs the flow of connection, or the address books that allow one machine to locate another.
We’ll call it “the big one” and if it were to happen then at the very least, you would need your chequebook.
The big one could start when a summertime tornado cruises through the town of Council Bluffs, Iowa, laying waste to a low-slung cluster of datacentres that are an integral part of Google’s offering.
This area, called us-central1, is a Google datacentre cluster, critical to its Cloud Platform as well as YouTube and Gmail – a 2019 outage here downed these services across the US and Europe.
Dinners burn as YouTube cooking videos sputter to a halt. Workers across the world furiously refresh their suddenly inaccessible emails, then resign themselves to interacting in person. Senior US officials notice some government services have slowed, before returning to planning a new blitz over Signal.
All this is inconvenient, but nowhere near the end of the internet. “Technically, if we have two networked devices and a router between them, the internet is running,” says Michał “rysiek” Woźniak, who works in DNS, the system involved in this week’s outage.
But there is “absolutely a lot of concentration happening on the internet”, says Steven Murdoch, a professor of computer science at University College London. “This happens with economics. It’s just cheaper to run all things in the same place.”
But what if then a heatwave in the eastern US takes out US East-1, part of a Virginia complex that hosts “datacenter alley”, a key hub for Amazon Web Services (AWS), the focus of this week’s outage – among a handful of its neighbours. Meanwhile, a cyberattack hits a major European cluster, say in Frankfurt or London. In the wake of this, networks redirect traffic to secondary hubs, lesser-used datacentres, which like frontage roads in a Los Angeles traffic jam become quickly unusable.
Or, if we stray from disaster movie to the perils of automation, the heightened traffic could trigger a bug in AWS’s internal infrastructure rewritten by artificial intelligence months ago – perhaps one that went unnoticed after hundreds of AWS employees were let go this summer as part of the company’s larger push towards automation. Overwhelmed by unfamiliar requests, AWS starts to tumble.
Signal goes down. So does Slack, Netflix and Lloyd’s bank. Roomba vacuum cleaners fall silent. Smart mattresses go rogue and smart locks malfunction.
With Amazon and Google taken out, the internet would look largely unfamiliar. AWS, Microsoft and Google together account for more than 60% of the world’s cloud services market – and it is almost impossible to approximate how many services depend on them.
“But the internet at its very most rudimentary level is still working,” says Doug Madory, an internet infrastructure expert who studies disruptions. “You just can’t do anything that you’re used to on the internet because that’s all posted out of these metacenters.”
You may think that the biggest threat is an attack on an undersea cable. This excites Washington thinktanks, but otherwise achieves little. Undersea cables break regularly, says Madory – in fact, the UN estimates there are 150 to 200 faults a year.
“You’d really have to take out a bunch to affect communication. I think the submarine cable industry would tell you: dude, we do this all the time.”
after newsletter promotion
Then an anonymous hacking group mounts an attack on a DNS service provider – one of the phone books of the internet. Verisign, for example, handles every online site that ends with a certain “.com”, or “.net”. Ultranet, another one, handles “.biz” and “.us”.
Madory says it is extremely unlikely that one of them could ever be taken out. “If something were to happen to Verisign, .com would be gone. They have a huge financial incentive to make sure that never happens.”
But it would take an error of that scale, one that implicates more fundamental infrastructure than Amazon and Google, to truly devastate the broader ecosystem. If it happened, it would be unprecedented – the closest analogy could be the 2016 attack on Dyn, a smaller DNS service provider, which downed the Guardian, X and others.
With .com out, banks, hospitals, financial services and most communication platforms would be out. Some government internet infrastructure would still be there, such as the US’s secure messaging system Siprnet.
And – at least to a wonkish community of experts – there would still be the internet. There are self-hosted blogs, after all, and decentralised social platforms such as Mastodon, and niche domains including “.io”, for the British Indian Ocean, and “.is” for Iceland.
Murdoch and Madory can think of scenarios that would devastate the rest. Murdoch suggests a bug in BIND, the software language that supports DNS. Madory points at testimony from a group of Massachusetts hackers who in 1998 told the US Congress about a vulnerability that could “take down the internet in 30 minutes”.
That vulnerability involved a system one level up from DNS: the border gateway protocol, which directs all traffic on the internet. This is extremely unlikely, says Madory – such an event would be an “all hands on deck” scenario, and the protocol is “super resilient, otherwise it would have crashed by now”.
If the internet were ever fully shut down, it is unclear if it could be started up again, says Murdoch. “No one has turned off the internet after it’s been turned on. No one is really sure how it could be turned on again.”
In the UK, there is a non-virtual contingency plan, or at least there was. If the internet shuts down, the people who know how it works will meet up in a pub outside London and decide what to do, says Murdoch.
“I don’t know if this is still the case. It was quite a few years ago and I was never told which pub it was.”
