Engineering The Internet For Resilience

Written by

Over the past few months, the news cycle has seen warnings about nation-state hackers targeting critical water and electricity infrastructure, even accompanied by government advice on how to survive a prolonged national blackout. But, while the government  focuses on the risks to our electricity and water supplies, we must also consider the availability of an increasingly critical pillar of modern civilization: the Internet.

We all use Internet services in every aspect of our lives. Internet infrastructure and the services it supports have grown both exponentially and organically over the past three decades. The architectures and technologies we have used have evolved as user needs – and revenue opportunities – have shifted.

The layers of hardware and software that support the services we all consume are often designed, at their foundation, for resilience – but the level of investment in resilience is very variable, based on the risk management decisions and financial realities of individual organizations. As users, we see end-to-end digital services, but the delivery of those services can involve many loosely coupled organizations.

The Utility Gap

What’s very different from other critical services like electricity and water supplies is the level of supply chain interdependence within Internet services. Take water supply as an example: if an organization that supplies the entry security for the offices of your water company fails, water keeps flowing to customers; in the digital world, failure of a service element one or two tiers up in the digital supply chain can impact the availability of a service globally.

Put simply, for legacy ‘real-world’ services, we plan for resilience across the service as a whole, whereas with Internet services, this planning can be much more fragmented. We rely on sprawling ecosystems of interdependent entities: cloud service providers, localized internet service providers (ISPs), third-party application programming interfaces (APIs) and vast content delivery networks – if there is a weak link in this mesh, then we have a potential problem. And, this potential problem is becoming a reality as bad actors explore our digital supply chains, mapping out dependencies to try and find those weak links.

A Digital House of Cards

The core issue plaguing our digital ecosystems is a lack of visibility into cross-platform dependencies. This creates a precarious house of cards where a localized failure or a targeted distributed denial-of-service (DDoS) attack on a service dependency can trigger a collapse that takes down major platforms worldwide. What does this mean? In any digital ecosystem, it’s the part with the weakest defenses that defines overall resilience.

The first challenge is to understand all of the elements and interdependencies of our digital systems. Unfortunately, these are not always easy to obtain. A good start is consistent, high-fidelity visibility of network traffic and key performance metrics, as this can provide a view into local dependencies and the next tier of the digital supply chain – allowing both performance and availability risks to be assessed. However, each of the services that we depend upon may also depend upon others.

Understanding and assessing the risk posed by the digital supply chain is the subject of a growing number of regulatory frameworks around the world, spanning the EU, UK, US and beyond. And some of these, such as DORA, covering the EU financial sector, have significant penalties if violated.

Critics might argue that regulating and monitoring the Internet like a traditional utility could stifle the very innovation that makes it valuable, pointing out that its decentralized nature is inherently designed to route around damage. However, treating the Internet as a utility does not necessitate heavy-handed, centralized government control. Instead, it demands industry-led observability, shared responsibility and technological collaboration.

Countering the Complexity: AI and Observability

Achieving the right level of resilience at scale requires advanced tools. While threat actors are increasingly using AI to launch more sophisticated attacks, the technology is also enhancing defensive capabilities. By applying machine learning algorithms to curated trustworthy data, AI platforms can quickly identify unusual behaviors and complex threat patterns capable of evading human analysis. They can then automate responses to block potential threats in real time.

However, the effectiveness and reliability of AI platforms depend heavily on the quality and consistency of the datasets they ingest. Context is everything in AI and ‘garbage in, garbage out’ still very much applies. If visibility is fragmented or flawed, AI tools will fail to protect the broader digital ecosystem.

Engineering a Resilient Future

The Internet is no longer just a network of computers; it is the central nervous system of our global economy. It is simply no longer an option to treat digital infrastructure downtime as an unavoidable inconvenience.

Enterprise leaders, service providers and policymakers must embrace an end-to-end approach to digital resilience. We must engineer our digital infrastructure to match the dependability, visibility and protection of the electricity in our outlets and the water from our taps.

What’s Hot on Infosecurity Magazine?