A quarter of Internet users in the world depend on

image: Fraction of each country’s IP addresses that are exposed to selective observation or tampering by companies that connect ISPs to the global Internet. Countries are shaded in progressive shades of blue, countries with less exposure in the darkest blue. Countries in gray excluded from the study.
see After

Credit: University of California San Diego

Around a quarter of the world’s internet users live in countries that are more susceptible than previously thought to targeted attacks on their internet infrastructure. Many countries at risk are located in the countries of the South.

This is the conclusion of a large study conducted by computer scientists at the University of California, San Diego. Researchers surveyed 75 countries.

“We wanted to study the topology of the internet to find weak links that, if compromised, would expose an entire country’s traffic,” said Alexander Gamero-Garrido, the paper’s first author, who got his doctorate. in computer science at UC San Diego.

The researchers presented their findings at the online Passive and Active Measurement Conference 2022 this spring.

The structure of the Internet can differ greatly from one part of the world to another. In many developed countries, such as the United States, a large number of Internet providers compete to provide services to a large number of users. These networks are directly connected to each other and exchange content, a process known as direct peering. All providers can also connect directly to the global Internet infrastructure.

“But much of the internet doesn’t work with peering agreements for network connectivity,” Gamero-Garrido pointed out.

In other countries, many of which are still developing countries, most users depend on a handful of internet service providers, and one of these providers serves an overwhelming majority of users. Not only that, but these providers rely on a limited number of companies called autonomous transit systems to access the global Internet and traffic from other countries. Researchers have found that often these providers of autonomous transit systems are state-owned.

This, of course, makes countries with this type of Internet infrastructure particularly vulnerable to attack, as it only takes a small number of transit autonomous systems to be crippled. These countries, of course, are also vulnerable if a major internet provider suffers outages.

In the worst case, an autonomous mass transit system serves all users. Cuba and Sierra Leone are close to this fact. By contrast, Bangladesh grew from just two to more than 30 system providers, after the government opened up this sector of the economy to private enterprise.

This underscores the importance of government regulation regarding the number of ISPs and autonomous transit systems available in a country. For example, researchers were surprised to find that many undersea Internet cable operators are state-owned rather than privately owned.

The researchers also found traces of colonialism in the topology of the Internet in the countries of the South. For example, the French company Orange has a strong presence in some African countries.

The researchers relied on data from the Border Gateway protocol, which tracks the exchange of routing and reachability information between autonomous systems on the Internet. They are aware that the data may be incomplete, introducing potential inaccuracies, although these are mitigated by the study methodology and validation with real internet operators in the country.

The next steps are to examine how critical facilities, such as hospitals, are connected to the internet and how vulnerable they are.

Quantifying nations’ exposure to trafficking observation and selective forgery (PDF)

Alberto Dainotti (now at Georgia Institute of Technology), Alexander Gamero-Garrido (now at Northeastern University), Bradley Huffaker and Alex C. Snoeren, University of California San Diego Esteban Carisimo, Northwestern University
Shuai Hao, Old Dominion University

Disclaimer: AAAS and EurekAlert! are not responsible for the accuracy of press releases posted on EurekAlert! by contributing institutions or for the use of any information through the EurekAlert system.

Previous Cybersecurity Fact Sheet - Ukraine
Next Air Force Chooses New Leader for ISR and Cyber ​​Effects