What if the Internet cannot be secured?

Today I want to draw attention to a possibility that I have not seen raised elsewhere, namely, that the Internet will turn out to be un-securable. If true, one might expect the un-secure Internet to bring an increase in damaging (even catastrophic) security and data breaches.

This is from the blog of Gail Tverberg (link), who mostly writes about  economics (indented text herein is hers):

We don’t think about the internet as being important, but it has become an essential part of our interconnected world economy. The internet helps facilitate all of the just-in-time deliveries needed to operate today’s economy. All of the fancy workarounds for the use of intermittent electricity on the electric grid assume that the internet will be available to transmit information back and forth quickly. Banks make use of the internet to get information to approve loans and to clear checks with other banks.

Tverberg’s post mainly concerns energy-related questions. At the end of this post, however, she takes notice of the growing public awareness of the insecurity of the Internet.

In the United States, we seem to hear one story after another about the internet being hacked. The most recent story involves a major hack of the data collected by Equifax for the purpose of determining the credit-worthiness of individuals in the US. If this data gets into the wrong hands, it can be used for “Identity Theft.” An impostor can apply for a new loan in the name of someone else, or can steal an income tax refund intended for someone else.

In a previous post (link) I argued that we have moved from a paper-based system to an online system in the space of two decades or so, but that we are not ready, at least not in terms of being able to reproduce the stability and predictability of the paper system. The paper systems just past were the product of a long period of evolution in areas like bookkeeping, personal identification, and money transactions. In other words, they were pretty well debugged.

That this is not the case with the online system is now apparent. The real question is: will it settle down into predictability, and if so, how long will it take? I would argue that while it seems intuitively likely that the current security problems will be effectively banished, there is no way of knowing the answer to even the first question. The landscape is constantly shifting, the attackers clever and adaptable.

If the internet is truly not secure, no matter what we do, this by itself could cause major problems for the system we now have in place. We don’t have a “Plan B” available, either. Trying to start over with “snail mail,” for example, would be a problem. This is another illustration of the difficulty involved in going back to an earlier technology.

She goes on to pose the question “What do we do if [the Internet] becomes too insecure?”

I hope that we will not have to find out. But we should regard the rate of security and data-breach incidents as a leading indicator and do what we can to bolster our defenses.

Leave a Reply