New information technologies have transformed world politics, and not always for the better. Even trying to understand how technology connects us reveals the strengths and weaknesses of the Internet. To understand what the Internet is becoming, let’s start with some basic questions—how big is it and how big will it be?
In 2012, a creative programmer decided that it might be an interesting exercise to count all the devices that were connected to the Internet. Completing an Internet census was an intellectual and engineering challenge. Critically the census must be completed without interfering with them or slowing down the Internet. So the census taker built a “bot” and created a “botnet.”
The word “botnet” comes from combining “robot” with “network” and is a collection of programs that communicate across multiple devices to perform some task. The tasks can be simple and annoying, like generating spam or aggressive and malicious, like choking off Internet exchange points, promoting political messages, or launching denial-of-service attacks. Some of these programs simply amuse their creators; others support criminal enterprises. In playing around, the census taker discovered a surprising number of unprotected devices connected to the global Internet. A complete census was only possible with a botnet that would enlist all the unprotected devices in the service of the census project. The botnet would both count devices and replicate itself so that its copies could help count devices. The botnet spread out and found 1.3 billion addresses in use by devices around the world.
The script was called the Carna Bot after the Roman goddess of health and vitality. The exercise was about taking basic measurements of the health of the Internet. It worked brilliantly, reporting on many different kinds of devices, from webcams and consumer routers to printers and security systems. The researcher decided to remain anonymous but the findings were published as a public service. The census exposed two dark secrets about how the Internet works.
First, knowing the default passwords for pieces of key equipment could give someone access to hundreds of thousands of consumer devices and tens of thousands of industrial devices around the world, from gaming platforms to industrial-control systems. So as the world’s security experts debate the impact of the latest sophisticated hacking attempts from China or the encryption possibilities of quantum computers, just knowing factory passwords means someone can access any device once it leaves the factory and is connected to the Internet.
Second and more concerning, the bot discovered other bots. Carna wasn’t the only unauthorized bot checking for open ports on devices around the globe. Carna was written as a public service for an exploratory project, and it built a botnet to do the census. But, the census taker found several competing botnets, and an enormous, sleeping, network of bots called Aidra, which had compromised as many as thirty thousand devices. Aidra had the power to hijack not just computers but gas meters, refrigerators, microwaves, car-management systems, and some mobile phones. The bots could attack any network infrastructure for a client with a denial-of-service attack. Carna Bot performed the public service of temporarily disabling any Aidra bots it found.
The next time someone reboots those infected devices, the bots will be ready to start commandeering them. The botnet that Carna exposed could be very destructive if it is ever used, and some might even see her as a threat because the census taker was fooling around with the world’s device networks. Still, in exposing these dark secrets, Carna revealed a lot about what our Internet is becoming. If a credible census from 2012 revealed 1.3 billion devices with an address on the Internet, what are the projections for the years ahead? In tomorrow’s post I will attempt to find an answer.
Part two of the post is available here