The fragile internet is a threat to the economy
It has been a difficult few months for the Internet.
In June, the failure of Fastly Inc.’s content delivery network forced some of the world’s largest e-commerce and media websites to go offline. Later, there were massive data breaches at T-Mobile US Inc. and Amazon.com Inc.âs Twitch streaming service, and last week, Facebook Inc.âs main social network, Instagram and WhatsApp, was down for about six hours. Then on Friday it happened again, albeit more briefly.
All incidents had a joint response from the company. It goes something like this: We’re sorry, it was an unintentional misconfiguration, we’ll do better next time! After the Facebook outage, the CTO of security software company Cloudflare Inc. called it a reminder of the fragile nature of the Internet, where millions of interconnected systems depend on each other to keep it running.
There was a time in the early days of the Web when such an apology was acceptable. But the Internet, and many of these businesses, is now the backbone of the modern economy. Billions of consumers and millions of small businesses rely on Facebook’s communication tools for their daily lives. If the web is held together by rubber bands and toothpicks, it is clear that the United States must take urgent action to mitigate these vulnerabilities.
What can be done? First, we need to hold companies accountable when they fail to implement appropriate safeguards and security policies. The sheer frequency of the problems shows that the industry, on the whole, does not take the problem seriously. Companies are not prioritizing the problem or not investing enough to solve it. That is why it is important to make negligence much more painful by increasing the amount of financial penalties and increasing the accountability of management teams.
T-Mobile is one of the more egregious examples. According to the Wall Street Journal, a self-proclaimed hacker said he was able to break into the wireless operator’s systems through an unprotected router, with devastating consequences. The company revealed in August that the personal data of nearly 50 million accounts had been compromised, including some social security numbers and driver’s licenses. Incredibly, this latest incident is T-Mobile’s fifth data breach in the past three years or so.
Another possible solution would be to increase government oversight. With Facebook and Fastly saying their outages were based on simple employee mistakes, I shudder to consider the level of damage a dishonest employee or state-sponsored actor could cause. In the same way that Federal Reserve bank examiners aim to prevent systemic risk by working on-site at financial institutions, a new team of regulators should be allowed to inspect the redundancy and security plans of key technology companies. At a minimum, we must do everything in our power to reduce future human errors in network configuration.
Yes, the Biden administration has recognized the importance of the country’s internet vulnerabilities for reasons of national security and economic security. But so far, the White House has done little to tightly regulate the private sector, other than to develop voluntary standards. Governments must be more energetic.
We cannot continue to let businesses get away with it. There is a lot that can be done to prevent the worst-case scenario from becoming a reality.