Cybersecurity Pt2

in #anarchy7 years ago


Every minute of every day, roughly 3 million Google searches are performed. In the same minute, 12 websites are hacked. The scope of the Internet is immense, and we can’t truly understand cyber vulnerabilities, cybersecurity, and cyber warfare if we don’t understand how cyberspace is built and why it works the way it does. In this lecture, we’ll explore that topic and see how the scale of the Internet affects the scale of our vulnerability.
The Structure of Cyberspace
 Much of what we consider vulnerability in the Internet is inherent in its design. Indeed, the Internet is so effective precisely because it is designed to be an open system.
o The networks that make up cyberspace were built for ease of communication and expansion, not for security. At its core, the logic layer of cyberspace is fundamentally dumb; it is designed to do nothing more than transfer information quickly and efficiently.
o This fundamental simplicity is the key to understanding cyberspace.
 Although many users tend to think of cyber connections as nothing more than a glorified telephone network, the two are, in fact, structurally very different.
o Telephone networks are hub-and-spoke systems with intelligent operation at central switching points. Phone calls come in from a user to a central switching system, where sophisticated switches route them from one caller to another, creating a single, end-to-end connection.
o That structure means that the control of the system lies with the central authority—and that is also where the vulnerabilities are. For example, in the world of telephone communications, intercepting a communication is as simple as going to the central switching station and attaching two alligator clips to the right wire.
o We should also note that you can’t just join the telephone network; in effect, you need someone’s permission. The centralized system controls your access and your services.
 Communications through cyberspace are completely different, though portions of them often travel over telephone lines. Put simply, there really isn’t any central place to go on the network, and there is no central authority that runs it.
The Logic Layer
 When we talk colloquially about cyberspace, we’re talking about the logical network layer where all the information gets exchanged. A map of all the connections involved here would look like a massive tangle of lines—a giant web built by a crazy spider.
 How do the 1s and 0s we talked about in the last lecture move around in this logic layer? Unlike the telephone system, where the information stays together in a single unit as it moves from one end of the conversation to the other, in the logic layer of cyberspace, the information to be transmitted is broken into small packets. These packets are separately transmitted along different routes and then reassembled when they arrive at their destination.
o Thus, in contrast to the phone network, the cyberspace network is truly a “web” of interconnected servers that do nothing more than switch packets of information around the globe.
o This web is, as we shall see, far broader than the “World Wide Web” of pages that you can navigate to. It is a much vaster web of interconnections of everything ranging from cars and power plants to webpages and cell phones.
 Transferring these packets of information requires very little intelligent design. All that is needed is an addressing system and a protocol for moving information from one address to another.
o The addressing system is known as the domain name system (DNS) and the transmission protocol is known as the Internet protocol suite or, more commonly, the TCP/IP (transmission control protocol/Internet protocol).
o We can think of the DNS as the Yellow Pages—a place to look up someone’s address. The Internet protocols are rules about how to share information—how to identify the address in transit and how to package the information.
 As long as a user follows the TCP/IP, his or her information will be delivered—whether it’s a recipe for apple pie or the code to launch a nuclear attack. The logic layer is nothing more than 1s and 0s being directed around a network.
 The real intelligent operations occur at the edges, on our mobile devices and laptops running various apps. You can, quite literally, hook on to the network any system that manipulates data in any way and outputs data as its product.
 What makes the Internet so successful is that access to it is not controlled at a central switching point. You don’t need “permission” to add a new functionality. Anyone with a new idea can add it to the network by simply purchasing a domain name and renting server space. This simplicity and flexibility is what has driven the explosive growth of the Internet.
The Power of the Internet
 A simple example of a Google search demonstrates the power and transformative nature of cyberspace. Consider the search query: “Yankee second baseman 1973.” What happens to find the answer to that query?
o First, the small text file of the query is translated by a web browser into a string of 1s and 0s for transmission across cyberspace. At the same time, another portion of the web browser picks out the correct IP address to which the question should be addressed.
o The question is then broken into several distinct packets of information for transmission, each of which takes a different track across the Internet before being reassembled at a Google server.
o At the Google server, the 1s and 0s are translated back into a natural language message. Then, sophisticated programs interpret that message, and data-processing algorithms identify which webpages are the most likely ones to have the answer.
o That list is immediately coded as a webpage, which is again reduced to 1s and 0s, broken into packets, sent across the Internet, and reassembled on the user’s computer. All of this happens in under a second.
 Google didn’t need permission to provide this service; the user was free to choose a service other than Google; and the user didn’t have to buy the service from a central switching station. Access comes because Google chose to provide it, and any of us can use it by virtue of our connection to the network. The ability to choose services, to choose a method of access, and to ask questions of a universal nature across the entire scope and domain of the world is what makes cyberspace truly a worldwide web of connections.
 The distributed structure of the network also means that anything can be a node in the network, that is, an endpoint where the network connects to a function of some sort. In fact, anything with an IP address is somewhere on the cyberspace network: a cell phone, a car that has OnStar, smart-grid electric meters, and so on. The problem with this interconnection is that all of these nodes are potentially quite vulnerable.
A Five-Layer Cake of Connections
 The interconnections we’ve been discussing are part of the logic layer of the cyber domain, where the 1s and 0s are transmitted from server to server. But this logic layer is only one piece of the puzzle. Although most people think of cyberspace as limited to the Internet, its full structure is more complex. The logic layer is embedded in a much larger cyber domain, which we can conceptualize as a fivelayer cake of connections.
o At the bottom is the “geographic layer,” that is, the physical location of elements of the network. Though cyberspace itself has no physical existence, every piece of equipment that creates it is physically located somewhere in the world. As a consequence, the physical pieces of the network are subject to the control of many different political and legal systems.
o Next is the “physical network layer”—the hardware and infrastructure of cyberspace, all of which is connected. The components we think of in this layer include all the wires, fiber optic cables, routers, servers, and computers linked together across geographic spaces. To be sure, some of the links are through wireless connections, but all of those connections have physical endpoints.
o Above these two real-world layers is the logic layer that we’ve already described. This is the heart of the network, where the information resides and is transmitted and routed.
o Above the logic network layer is the “cyber persona layer,” which includes such things as a user’s e-mail address, computer IP address, or cell phone number. Most individuals have many different cyber personae.
o Finally, at the top, there is the “personal layer,” which encompasses the actual people using the network. Just as an individual can have multiple cyber personae, a single cyber persona can have multiple users, and it is often difficult to link
an artificial cyber persona to a particular individual. The true maliciousness of the network comes to the fore at this level, where people choose to act in malevolent ways.
 One of the greatest cognitive diffi culties in coming to grips with vulnerabilities on the network is that policymakers, legislators, and citizens simply don’t understand just how big the Internet is. The statistics are so sizable that they tend to overwhelm human conception.
o As of late 2012, there were more than 2.5 billion Internet users. It is said that no other voluntary human endeavor has ever been this large.
o Every day, those users conduct more than 3 million Google searches, engage in 11 million “instant message” conversations, and post nearly 700,000 Facebook status updates. According to Google’s CEO, “Every two days, we now create as much information as we did from the dawn of civilization up until 2003.”
 With the growth of information also comes a growing threat to our security. Every minute, more than 168 million e-mail messages are sent, and each one them is a potential threat and source of a malware intrusion. The scale of our vulnerability is exactly as great as the scale of the Internet.
 Perhaps even more signifi cantly, the scale of the vulnerability comes with an immense governance problem. How can any human institution manage and regulate so large an enterprise? In many ways, that is the fundamental question posed in this course and the fundamental challenge of cybersecurity. In a system with this many participants, even if we had the right solutions for cybersecurity, how could we get the entire world to agree to carry them out?

Important Terms

domain name system (DNS): The DNS is the naming convention system that identifies the names of various servers and websites on the Internet. In any web address, it is the portion of the address after http://www. One example would be microsoft.com.

Internet protocol (IP) address: An IP address is the numeric address that identifies a website on the cyber network. Typically, it looks like this: 172.16.254.1. Using the IP address, information can be communicated from one server to another. One of the critical functions of the DNS is to translate domain names (which appear in English) into numerical IP addresses.


Sort:  

This post received a 4.3% upvote from @randowhale thanks to @cryptoracle! For more information, click here!

Wow! You've really broken this down.
ff u.

Powerful)

thank you !