CREAKY NETWORKS
It might be surprising that a hacker collective was able to gain access to the SWIFT network, even if they were masquerading as a respected organisation and doing so via an access service. One might suppose that specialist equipment or authentication is needed to do this, but no: all that’s required is not getting caught. The SWIFT network is one of a number of Very Important Networks that the modern world relies on, yet one that’s open to abuse by sufficiently bold or ingenious attackers. Other such fireholes include SS7, the aging language that telephone networks use to communicate with one another. This has been exploited to various effect: in 2017, for example, hackers used it to bypass two-factor authentication (2FA) for compromised bank accounts and misappropriate funds. The popular Wireshark tool can now detect these kinds of attacks.
The internet too has a number of Achilles heels – the 13 root DNS servers, for example, and the fact that targeting a site’s DNS provider may be more destructive than targeting the site itself (cf. the Dyn attacks of 2016). Perhaps more worrying is the Border Gateway Protocol (BGP), effectively a band-aid introduced in the early days of the internet and used to announce routes, for which (until recently, in the form of route origin validation) no modern alternative has been proposed. Large swathes of the internet are rerouted with alarming frequency (see https://bgpmon.net), via strange networks. Route announcements are complicated, so many of these incidents will not be malicious. But when high-profile sites go down because their traffic is sent via the Caucasus, it maketh one wonder.
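
Route origin validation, mentioned above, checks the origin AS of each BGP announcement against published route origin authorisations. The sketch below is an added example, not code from the original article: it follows the RFC 6811 classification (valid, invalid, not-found), and the function name, sample prefixes and AS numbers (all taken from documentation ranges) are constructed for illustration.

```python
import ipaddress

# Constructed sample data: validated ROA payloads as (prefix, max_length, origin_asn).
# Prefixes and AS numbers come from documentation ranges, not real allocations.
SAMPLE_VRPS = [
    ("192.0.2.0/24", 24, 64496),
    ("198.51.100.0/24", 24, 64497),
    ("2001:db8::/32", 48, 64498),
]


def validate_origin(prefix, origin_asn, vrps=SAMPLE_VRPS):
    """Classify one announcement as 'valid', 'invalid' or 'not-found' (RFC 6811)."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for vrp_prefix, max_len, vrp_asn in vrps:
        vrp_net = ipaddress.ip_network(vrp_prefix)
        # subnet_of() raises TypeError across address families, so skip those.
        if vrp_net.version != route.version or not route.subnet_of(vrp_net):
            continue
        covered = True  # at least one ROA speaks for this address space
        # A match needs the authorised origin and a prefix no longer than max_length.
        # AS 0 in a ROA means "never route this", so it can never match.
        if vrp_asn != 0 and vrp_asn == origin_asn and route.prefixlen <= max_len:
            return "valid"
    # Covered but unmatched: wrong origin or an over-specific prefix, the usual
    # signature of a hijack or a route leak. Uncovered: no ROA exists at all.
    return "invalid" if covered else "not-found"


if __name__ == "__main__":
    # Constructed announcements: (prefix, origin AS seen in the AS path).
    feed = [
        ("192.0.2.0/24", 64496),       # authorised origin
        ("192.0.2.0/24", 64511),       # same prefix, unauthorised origin
        ("198.51.100.128/25", 64497),  # right origin, more specific than allowed
        ("203.0.113.0/24", 64496),     # no ROA published
        ("2001:db8:1::/48", 64498),    # IPv6, within max_length
    ]
    for prefix, asn in feed:
        print(f"{prefix:20} AS{asn}: {validate_origin(prefix, asn)}")
```

A router enforcing this policy would typically drop or de-prefer announcements classified as invalid, while not-found routes are still accepted because many prefixes have no authorisation published.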