What Could Possibly Go Wrong: An Internet “Off” Switch

Just how this idea could backfire

The last time someone could shut down the Internet was probably in 1969, when it consisted of two computers. But in recent years, concerned with the possibility of a “cyberattack,” Congress has been exploring such an option.

In 2009, Senator Jay Rockefeller sponsored a bill to give the president the right to “order the disconnection” of “critical infrastructure information systems or networks.” That went nowhere, but now there’s Senate bill 3480, the Protecting Cyberspace as a National Asset Act of 2010. As its sponsor, Senator Joe Lieberman, told CNN, the bill will allow the president to order Internet service providers to “disconnect the American Internet from all traffic coming in from another foreign country.”

Constructing such a switch would be extremely difficult. Borders are porous. Data packets originating in, say, Iran or China can enter the U.S. in many different ways—via satellite or submarine cable or packet radio, or routed through other countries. And packets can be “spoofed,” or assigned a forged IP address, which means there’s no foolproof method to be sure which packets are from home and which from abroad.

Even if it were possible to physically sever the entire U.S. telecommunications system from the rest of the world (and given enough time and money, and the acceptance of a significantly slower Internet, anything could be done), hackers could immediately create a work-around. Consider: Before the Dutch police shut it down last November, the Bredolab botnet commanded an army of 30 million virus-infected zombie computers to send spam. It did so with just over 140 command-and-control servers in the Netherlands, leased through a hosting provider. The man arrested in the case was Armenian. In this era of cloud computing, when anyone from anywhere can rent servers, including American ones, by the hour, a kill switch would be useless.

In fact, it might be worse than useless; it would present a tantalizing target. Whereas before, it was nearly impossible to disrupt entire networks, now hackers could simply hack into the kill-switch system itself. A more subtle (or cash-strapped) cyberterrorist might simply fake a cyberattack that would trick the U.S. itself into flipping the switch. No one really knows what would happen then—not only would e-mails go undelivered, but ATMs, stock exchanges and the flow of funds of all kinds could be disrupted. And then we would still face another challenge: how to turn the thing back on.

How We Can Do Better

Don’t turn off the Internet. End-to-end encryption (complete encryption of all Internet traffic) would do far more to protect Internet users from spies and hackers, whether they were operating from inside or outside the U.S.
