For most of the history of computing, IT security was the specialized focus of professionals. Topics debated heatedly at an IT conference wouldn't even be mentioned at the water cooler or weekend soccer games. But the recent crescendo of high-profile hacks and cyberattacks has expanded the discussion into mainstream news shows and living rooms.
Even so, the level of alarm is disproportionate to the actual dangers, and collectively we still do not grasp what is at stake. Despite the implications of a recent attack targeting the backbone of the entire Internet, our leaders, media and the public continue to regard cyberwar as a minor threat – secondary to other national concerns.
One important reason that this happens is the tendency of people to compare larger problems to their own in an attempt to understand them. Who today cannot remember a time they were without Internet service due to a storm or outage? For most people the result amounted to little more than inconvenience and an annoyance. It is natural for these people to adopt the view that an outage or the loss of the Internet would be a massive inconvenience, but nothing more.
Companies that depend on the Internet have lost more under similar circumstances, and their experience better equips them to begin to comprehend the scope of the problem.
In 2013, Amazon lost an estimated $4.8m (£3.2m) in sales. The cause? An outage estimated to last somewhere between 15 and 45 minutes. That is roughly $120,000 a minute, certainly more than an inconvenience.
It may seem like pointing out the obvious – that an internet company stands to lose a lot of money if the Internet goes down. What is perhaps less obvious is why this is dangerous to all of us. The top 15 Internet Service Providers account for nearly 1 million jobs, most of which would be lost quickly if the Internet was taken down for any length of time.
This alone would be devastating for our economy. And that figure does not include jobs from the remainder of hundreds more ISPs and from other companies like Amazon and Google that depend directly on the Internet for most of their revenue. Global management consulting firm Boston Consulting Group estimates that "if [the Internet] were a national economy, it would rank in the world's top five, behind only the US, China, India, and Japan, and ahead of Germany."
What would happen in the event of an internet outage?
For better or worse, our modern economy is like a shark – it depends upon constant motion for survival. The economic effects of an Internet outage for any significant length of time would bring our economy to its knees simply through the loss of jobs and revenue from pure-Internet companies. But this is only the tip of the iceberg.
Consider that the majority of companies that benefit from connectivity are outside the tech sector - one conservative estimate says 75% of the overall internet benefit is reaped by more traditional industries. The flip side of benefit is dependence. This figure does not capture the fact that many of these traditional industries, in order to reap these benefits, have become dependent on the Internet and connectivity to perform basic functions. And in many cases these basic functions are also the basic functions that support modern civilization.
When we look at a small sampling of some of these companies and agencies, and the functions they perform, the impact of a loss of connectivity becomes positively frightening.
Fedex, UPS and the Post Office all depend on the internet to route mail and packages, and the infrastructure and trained staff that used to handle these functions manually are long gone. These services will grind to a halt if the internet goes down, affecting not only these companies but also those that depend on reliable shipping as an integral part of their business.
The situation is similar for other transportation industries. Trucks, trains and planes are all dependent on the internet and connectivity for the precise choreography required to operate in the modern world. Should this coordination be suddenly removed our ability to efficiently transport goods and people would follow. Far more than an inconvenience – these are the groceries you will be unable to buy at the supermarket.
And what about those groceries? They are produced by companies that also depend on the internet for tasks ranging from food production, quality control and freshness in shipping. Massive companies like Kraft Foods, Monsanto and General Mills would find themselves unable to keep the pace necessary to remain profitable, let alone supply food to the people that depend on them.
Aside from all of the direct effects of the damage to these companies, we would also see ripple effects on the economy. A company that can no longer provide services can also no longer provide jobs or pay taxes. When the dotcom bubble burst nearly 85,000 jobs were lost and the effect of the burst was enough to plunge our economy into recession. And 85,000 jobs is a drop in the bucket compared to what is at stake from a loss of connectivity today.
The question isn't whether any of these things would happen after an internet outage of any length, it is whether or not you would even notice. This is because the more vital dependencies on the internet belong not to people or private companies, but to the government and utilities. NSA Director Michael Rogers, told the Wall Street Journal: "There shouldn't be any doubt in our minds that there are nation-states and groups out there that have the capability to ... enter our systems, to enter those industrial control systems, and to shut down, forestall our ability to operate, our basic infrastructure."
Leaving ourselves vulnerable to attack
This basic infrastructure includes traffic lights, police services, our Army and Navy, emergency services, electricity generation, water transportation, and nuclear power stations. If we look at the economic effects of Hurricane Sandy, estimated at nearly $20bn excluding physical damage, we can gain some picture of the havoc that would ensue.
Our dependency on the internet, and its vulnerability to attack, is a recipe for chaos. The threat of this chaos is what makes the internet such an attractive target for terrorists and rogue governments. An attack like the one attempted at the end of November, if successful, would have rendered the backbone of the internet unusable. Had it been successful, we would already be seeing many of the effects described, and many more.
This is perhaps the most compelling argument for you, the reader, to open your eyes to the very real dangers of cyberwar. A great deal of effort and coordination went into the November attacks, as well as other similar attacks on our network infrastructure. If the only expected result was to cause a bunch of people some inconvenience, would the perpetrators have bothered?
The truth is that our enemies have realized what we have not – that for all of its benefits the internet represents the soft underbelly of the Western world. They also realize that because we continue to underestimate the impact we are not doing everything possible to protect ourselves. As a result, our defenses stagnate and our vulnerabilities fester while our enemies improve their means of attack. Time is on their side, not ours.
Who is John McAfee?
John McAfee is one of the most influential commentators on cyber-security anywhere in the world. His new venture –Future Tense Central – focuses on security and personal privacy-related products. In September, McAfee announced he will be running for US president in 2016.
McAfee provides regular insight on global hacking scandals and internet surveillance, and has become a hugely controversial figure following his time in Belize, where he claims to have exposed corruption at the highest level before fleeing the country amid accusations of murder (the Belize government is currently not pursuing any accusations against him).
McAfee was a finalist at the 2015 Comment Awards for his work for IBTimes UK.
Who is Rob Loggia?
Rob Loggia is a white hat hacker who has worked with John McAfee for many years doing research, data collection and data analysis.