Fragility, Digitally: The internet during world war

The global internet is more fragile than many realise. Nick Merrill lays out how we may prevent the possibility of a catastrophic pan-internet meltdown in the event of large-scale attacks, and create a safer, more stable, and perhaps even more governable network. Banner image: Shutterstock/Lidiia
Fragility, Digitally: The internet during world war
Like
The Forum Network is a space for experts and thought leaders—from around the world and all parts of society— to discuss and develop solutions now and for the future. Aiming to foster the fruitful exchange of expertise and perspectives across fields to help shape Better Policies for Better Lives, opinions expressed do not necessarily represent the views of the OECD.
Building a resilient recovery: Emerging stronger from the COVID-19 pandemic

The internet has never seen a world war. In fact, the 40 years in which the internet has existed—and the mere 20 in which it has been widely used—have been anomalously peaceful in the long view of human history. What conflicts have arisen have been relatively local in scope: skirmishes, cross-border conflicts and internal civil unrest. And these conflicts have reliably resulted in local disruptions to the internet. If local conflicts cause local internet disruptions, what sorts of disruptions would global conflicts cause?

Imagine this: you try to use your credit card, but it doesn’t work. In fact, no one’s credit card works. You try to go to some news websites to find out why—but you can’t access any of those, either. Neither can anyone else. Panic-buying ensues. People smash ATMs and empty them of cash.

This kind of pan-internet meltdown is more likely than most assume.

I direct the Internet Atlas Project at the University of California, Berkeley. Our goal is to shine a light on long-term risks to the internet. We produce indicators of weak points and bottlenecks that threaten the internet’s stability. We take measurements at various layers of the internet’s technological stack, from cables to content delivery networks. With those measurements, we identify weak points in the global internet. From these weak points, we build theories that help us understand what parts of the internet are at risk of disruption, and whom those disruptions will affect, and how severely. With these theories, we predict what interventions might make the internet more resilient.

To understand the internet during a world war, let’s begin with a more popular topic: internet fragmentation. Broadly, this term refers to the sense that the internet is growing increasingly different in different countries. As our measurements show, internet fragmentation is a real phenomenon, though its form is considerably more complex than popular narratives of illiberal internets rising to threaten a supposedly global one.

Popular narratives of “cyber conflict” [frame] the internet as a medium through which conflict occurs; but it is equally an effect of conflict.

What fragmentation we observe is not solely the maneuverings of an ascendant illiberal order, but also a global response to an internet whose management by policymakers no longer (and perhaps never did) align perfectly with the strategic interests of all the world’s nations. Popular narratives of “cyber conflict” focus on the “domain” reading, framing the internet as a medium through which conflict occurs; but it is equally an effect of conflict. The internet is, in other words, not only the domain but also the object of international competition and co-operation.

The Internet in a World War

What would happen to the internet during world war? Here, measurement can help prime our imagination. States may cut the undersea cables that carry 98% of the world’s internet traffic, which would cause considerable chaos, particularly to countries in the global South (and very particularly to island nations in the South Pacific, whose politics, both internet-relevant and not, have been of growing global importance). Defense officials are indeed increasingly preoccupied with the possibility of so-called cable clipping attacks.

Through court orders or other wartime policies, we also estimate that state actors could switch off most of the user-facing internet by forcing domestic service providers to take particular actions. Such actions could block information flows either on a per-nation basis or globally. Even more nefariously, they could alter internet content without end-users’ knowledge. Imagine navigating to nytimes.com and seeing a page that looked identical to the New York Times, complete with the lock in your browser bar that normally indicates a website is “secure;” unbeknownst to you, a state intelligence agency has subtly altered the content. Scenarios like these are technically possible and practically feasible to many state actors during wartime.

Crucially, the cascading effects of any of these actions, or of escalation between states during active conflict, could quickly spiral out of control. Knock-on effects could produce feedback loops, which could, in turn, yield a global meltdown.

More on the Forum Network: The Internet is built on a house of cards: it's time to secure it, by Lauren Crean, Policy Analyst, Digital Economy Policy Division, OECD
More on the Forum Network: The Internet is built on a house of cards: it's time to secure it, by Lauren Crean, Policy Analyst, Digital Economy Policy Division, OECD
The Internet’s routing system hasn’t changed much since its inception 33 years ago, but the world around it has. A new OECD report explores the current state of play of routing security and how policy makers can improve it. 

Addressing Fragility: Mapping vulnerabilities, Democratising control

The point of thinking of war is to ensure it never occurs; that, if it does, it does not escalate; and that, if it does escalate, it does not cause a catastrophic failure like the vignette I painted at the beginning of this piece. What can the world do to better prepare the internet for war—and the world for a wartime internet?

First, national and international policy bodies should use data about the internet to create informed estimates of impact under likely wartime scenarios. Data of the type my initiative at Berkeley collects could be helpful in such exercises. The results of these games could inform priority areas for national or international investment in critical infrastructure.

An increasingly homogenised internet has created central points of failure—a gift to attacking nations during a global war.

Second, local policymakers should explore how they might enhance (and democratise) control over local internet infrastructure. As I have written extensively elsewhere, direct governance over local internet infrastructure could create a more democratic internet, one more responsive to local needs and conditions. A shift towards local control could also create an internet more decentralised in its management and thus more resistant to large-scale attacks. The internet is, by design, most robust when its local units are small, and the structure between those units is organic and emergent. An increasingly homogenised internet has created central points of failure—a gift to attacking nations during a global war. Returning the internet to local control will create a more democratic—and also less fragile—internet.

The global internet is more fragile than many realise. War could destabilise it worldwide, and the global economy with it. Societal collapse could well follow. Using both international, data-driven analysis and local action, we can create a safer, more stable and, perhaps, more governable network for our descendants.







To learn more, check out also the OECD's work on the Digital Economy and tune in to the OECD Digital Economy Ministerial Meeting, taking place on 13-15 December 2022 

To learn more, check out also the OECD's work on Digital Security and tune in to the OECD Digital Economy Ministerial Meeting, taking place on 13-15 December 2022 


Also on the Forum Network: Speaking Tech to Power: Why technologists and policymakers need to work together by Bruce Schneier, Security Technologist; Author; Fellow and Lecturer, Harvard's Kennedy School

More on the Forum Network: Speaking Tech to Power: Why technologists and policymakers need to work together by Bruce Schneier, Security Technologist; Author; Fellow and Lecturer, Harvard's Kennedy School

Please sign in

If you are a registered user on The OECD Forum Network, please sign in

Go to the profile of Peter Kraneveld
over 1 year ago

I would suggest that to make the project more collaborative, a portal should be created where trusted companies and site owners can dump fact checked data for analysis and find tools to collect such data.