Who Keeps Us Safe Online?

Like a glacier in the sea, only a fraction of the World Wide Web is visible by search engines.

Google has indexed trillions of pages on the web, but the monolithic search engine really only scrapes the surface. Though they’re constantly crawling the web and adding new pages, search engines can only access about 1% of the entire World Wide Web.

The other 99% is called the Deep Web.

But the Deep Web isn’t as nefarious as it sounds. Yes, it does include secretive and sometimes illegal sites that can only be accessed on the TOR network. But the majority of Deep Web pages are much more mundane.

Many pages on the Deep Web aren’t indexed because search engine crawlers don’t use websites the same way people do. For example, dynamic web pages created on-the-fly for users don’t show up in Google. If you use your favorite online store’s search engine, the website creates a unique, original page in order to show you your search results. That page created just for you is part of the Deep Web.

Other areas of the Deep Web can include company databases, or academic journals secreted away behind paywalls, inaccessible to search engines.

Then there’s all our own private data that ends up online. When you access your bank account online, enter your credit card information at an online store, or read confidential communications on your company’s intranet, all of those online pages are in the deep, never to be accessed by others.

But search engines aren’t the only things crawling the web searching out information. All that data is at risk from attacks by cyberterrorists and hackers, who target specific websites or even the entire Internet for their own causes or amusement. They exploit vulnerabilities like Heartbleed, which enables hackers to easily steal sensitive data online (and the government to easily read your private correspondence).

And it’s not only our identities, credit cards, and private communications that are vulnerable online, but the entire Internet itself. Check out the data below to find out just how vulnerable to attack we are — and who’s keeping us safe.who-keeps-us-safe-online-V2

Who Keeps Us Safe Online?

Banking, personal information, communications. Much of our lives depends on the internet, but in the wrong hands the internet could be destroyed – or worse, used against us.

That is why there are organizations established to protect the internet and keep its users safe.

How the Internet Works

When you connect to the internet, you are connecting to a network of computers.

That means that each computer needs its own unique address within that network – the IP (internet protocol) address.

Every IP address is written in the form XXX.XXX.XXX.XXX where each XXX must be a number from 0 – 255.

Remembering the IP address for your favourite sites would be an impossible task, so that’s where DNS comes in.

DNS

DNS, or Domain Name Server, converts the names we type in our Web browser address bar to the IP addresses of Web servers hosting those sites.

This means that when you enter www.bbc.co.uk, the DNS converts that information into the IP address of the site, taking you to your destination.

The process looks something like this:

  1. You enter an address,
    • e.g. www.bbc.co.uk
  2. This request gets sent to a remote DNS server.
    • If the address is nto stored in that server’s database or cache, then it will relay the request to another server.
  3. The address is found in another server’s cache, and the address is converted into an IP address, e.g. 212.58.244.70, and relayed back to your computer.
  4. If it was not found in the first server, the address will be cached for future requests.
  5. The converted IP address is relayed to your computer, and you are connected to your intended site.

The Internet Corporation for Assigned Names and Numbers (ICANN) controls the Domain Name System (DNS).

It is important to note that ICANN is actually a not-for-profit American NGO, rather than a government or international organization.

Verisign, Inc. act as the Root Zone Maintainer, who ensures stability and security of the DNS by securing zones, i.e. ‘.com’, ‘.net’ etc.

What Are the Main Threats to Safety Online?

Catastrophic Internet Breach

Internet Collapse

  • A situation like “Heartbleed”, where anyone on the Internet can read the memory of vulnerable systems.
  • This would allow hackers to steal sensitive data directly from users and services, and to eavesdrop on communications.
  • Cyberterrorists could infiltrate the key DNS servers and bring down the internet, affecting communications and economies, and jeopardizing critical information worldwide.
  • This would allow for them to act as a ‘man in the middle’, either redirecting the DNS connections or severing them entirely

What Would Happen?

  1. When a threat is detected, the DNSSEC key holders are informed by ICANN.
    • What’s DNSSEC? ICANN’s security protocol that ensures websites are registered and signed, so that the DNS conversion leads to a real site and not an identical pirate site.
    • Who has these keys? A select group of security experts from around the world – no single country is allowed too many keyholders. All are considered experts in internet security and work for various international institutions.
  2. The keyholders convene at either the East or West Coast ICANN DNS facilities.
  3. Each key holder brings a key to a safety deposit box, which in turn contains a smart card.
    • What does the smartcard do? The smartcard contains a fraction of a code which, when combined, will generate a new master root zone key.
  4. This master root zone key will then be used to effectively reset the DNS
    • How does this work? The key allows for the verification of DNS connections and root zones, making sure that cached addresses are genuine, and reestablishing severed links between zones.

So Are We Safe?

While it’s a step in the right direction, there are still legitimate concerns about the efficacy of this solution. A particular concern is that fact that global security is being handled by a regional not-for-profit organization.

Though their efforts are well-intentioned, the jury is still out on whether DNSSEC can keep us safe from a catastrophic internet event.

Sources

Download this infographic.

Embed Our Infographic On Your Site!

Get Exclusive "Subscribers Only" Content

Join our newsletter & be first to hear when we publish new posts.

Get Exclusive "Subscribers Only" Content

Join our newsletter & be first to hear when we publish new posts.

Twitter Facebook

Discussion

What Do You Think?

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>