Security Vendor: Attacks Will Bury the Internet by 2020
SAN FRANCISCO -- Structure 2016 -- The Internet needs to be rebuilt from the ground up, otherwise attacks will make persistent Internet connectivity impossible by 2020, Lance Crosby, chairman and CEO of security startup StackPath, said Tuesday.
"By 2020, the Internet could become unusable," Crosby said in a presentation here. You'll connect to the Internet only as long as it takes to transact business, and immediately disconnect. "It will become such a bad place that you don't want to stay connected 24/7, which is the exact opposite of the way we grew up using the Internet."
Interlocking software-as-a-service (SaaS) companies are already magnifying the effects of attacks. In the recent attack on DNS provider Dyn, which brought down much of the Internet, StackPath was also taken down. Although StackPath doesn't do business with Dyn directly, StackPath's accounting, billing, and ticketing systems do. With those services down, StackPath went out as well, Crosby said. (See Attacks Have Major Internet Sites on the Ropes.)
As SaaS providers "weave together to become a more cohesive company, the least common denominator can take the whole thing down," Crosby said.
Before founding StackPath, Crosby co-founded SoftLayer, a cloud provider sold to IBM for $2 billion in 2013.
"We have an emerging problem with security on the Internet as a whole," Crosby said. When he started StackPath 18 months ago, Crosby says he made predictions that critics said were too dire. But he says he made those predictions simply extrapolating current trends: That by 2020 we'd see DDoS attacks larger than Tier 1 carrier backbones, and more malware attacks by the billions. By March of this year, we'd seen a 350Gbit/s attack on the Trump website, followed several months later by an attack on security journalist Brian Krebs that measured 700 Gbit/s. Later, a 1.1Tbit/s attack hit OVH, and a few months after that came the Dyn attack, with volume that was literally unmeasurable. "We've seen the size of the largest DoS attack in the world triple in the last few months," Crosby said.
The Internet is rendered less secure due to increased exposure from IoT devices, Crosby said. Five years ago, attackers targeted PCs and smartphones because those were the only targets available. Now, in Crosby's own home, he says he has 190 IoT devices, with 1,100 IP-enabled devices in a new home he's building. IoT devices include Philips Hue lightbulbs, Ring doorbells, smart garage door openers -- all accessible to attacks.
The Krebs attack was launched by a network of consumer webcams with a hard-coded password of admin/admin that the user couldn't change. "That's a terrible security practice. It should never happen," Crosby said. The company that made the webcams should face dire penalties, he said. "They should have been socially responsible and make sure those kinds of things never enter the world."
- Please Take a Moment to Appreciate This Awesome Collection of Laptop Stickers
- Why Microsoft Azure?
- Google's Hölzle: Moore's Law Slowdown Drives Cloud Demand
— Mitch Wagner, , Editor, Light Reading Enterprise Cloud