What if the net stopped working?
The idea of a total internet meltdown seems preposterous – it was built to survive a nuclear war – but ask the residents of Hong Kong, who recently saw the internet nosedive when an undersea cable went AWOL, and it’s clear that an outage isn’t out of the question.
Could a total meltdown follow a carefully co-ordinated virus attack? Experts from level-headed organisations to government offices and security vendors have told PC Pro that while a cataclysmic breakdown of the web is highly unlikely, it’s still a possibility.
The scenario that plays out below is fictional, but based on potential eventualities, and the worst-case scenarios are gleaned from interviews with security experts from the NISCC, the Cabinet Office, Symantec, Sophos, IBM, ISS, RayNet, PriceWaterhouseCoopers, the Cyber Security Industry Alliance and the Association of Chief Police Officers.
Many of the attacks described have actually happened in the past, but in isolation. But what might happen if a widespread, combined attack, gnawing away at a variety of vulnerabilities, wreaked havoc among businesses and caused serious disruption to public services and communications?
DAY 1 7:53AM Brian Davis, an early response team leader with Hitfast AntiVirus, is on a crowded commuter train grinding into Reading when the first warning arrives. An automatic alert sent to his BlackBerry warns: “Critical worm day zero outbreak. 50,000 instances already in wild, spreading quickly. Rated: highly dangerous.” Davis instructs the rest of his team to convene at their Berkshire headquarters, then rings his wife to tell her to cancel the restaurant tonight.
9:01AM The National Infrastructure Security Co-Ordination Centre posts the following message on its website: “CRITICAL WARNING: An internet worm, $0sassy, is attacking web-facing computers, and has already compromised business networks and thousands of home users. This is a zero-hour virus, one for which there’s currently no known signature, nor any patch or fix available. Anyone not affected should minimise internet access until a fix is released by security vendors.”
10:00AM By the time David Mills, systems manager at London accountancy firm Reed James & Redfearn, arrives in his office, harassed staff have already left dozens of messages on his voicemail. The firm’s network-management software reveals email inboxes are overflowing and support staff report employees’ hard drives are infected with self-replicating files. To make matters worse, PC performance is plummeting and anti-virus software has been disabled.
10:30AM It’s the first appointment of the day for Dr Mike Hamilton in his small general practice in Wiltshire. The GP switches on his PC to access Mrs Richardson’s medical file, but the Windows start screen doesn’t even load; there’s only the whirring of an over-worked hard drive. Without access to her records, Dr Hamilton can’t issue Mrs Richardson’s repeat prescription, much to his elderly patient’s bemusement.
12:00PM Entire offices are grinding to a standstill as the virus attacks Microsoft Exchange Servers, crippling corporate email and calendaring. IT managers at three leading City firms are reportedly instructing employees not to start office PCs, through fear of spreading the virus. Yet without email, mass office communication within large organisations is near impossible, leading to more PCs being turned on and infected.
Both the BBC and ITN lunchtime news bulletins are leading with the virus story, which has now been dubbed SoSassy. ITN reports that workers with nothing to do are beginning to go home, with fears beginning to surface that public transport services could be affected by both the computer problems and increased demand for travel at this off-peak hour.