Super Cyber Weirdness
A Big Outage
Well, it’s Super Tuesday primary election day… and the internet did some weird stuff this morning. Actually, it might still be doing weird stuff.
The Facebook disruption (including all Meta stuff such as Instagram and Threads) seems to be getting the most news coverage, but the internet monitoring site Down Detector indicates that lots of parts of the interwebs had or are having issues. Overnight there were some undersea cables cut in the Red Sea, but the timing of that doesn’t seem to align with today’s widespread temporary platform disruptions.
Today’s issue seems to be impacting a lot of platforms — including social media, telecom companies, Google, Amazon, and so on. Impacted sites include many of the things that are a big part of everyday American life.
Here’s a screenshot of the Facebook outage, in Central Time. Screenshots of some other platforms impacted are shown at the end of this post.
Government Check
A check of the official US government site in charge of monitoring cyber issues indicates nothing newly released today that appears to be relevant to this particular issue. That DHS CISA website does have a nice press release and video about our overall readiness for Super Tuesday.
Of course, the US government may not be releasing information publicly about an active, unfolding, or just-resolved incident although information could be being exchanged behind the scenes. DHS CISA has a huge set of public private partnerships with mechanisms for sharing real-time cyber threat and attack information between relevant US government agencies and infrastructure owners and operators, businesses, nonprofits, and state and local governments.
An incident from this morning may well be being actively investigated — especially on such a huge primary election day.
The Rumour Mill
All that said, people are already suspicious. My own personal Facebook feed is already full of people questioning this very widespread internet and platform disruption happening on a major primary election day.
Is it a practice attack for this fall’s major US presidential election?
We don’t have enough information to know at this point, but the tough thing is also that we may not get that information.
One thing we can do to help is to not spread rumours or our perceived certainty about various possibilities, but rather to speak about things using clear risk language and analysis that delineates what is known, what is not, and what might be likely but that cannot be confirmed yet. If and when the US does experience major cyber attacks, we will do well to be able to help each other navigate them without panic and misinformation as much as possible.
Limited News Coverage
I’ve been listening to MSNBC live for the most part of a few hours, and I haven’t heard them talking about this internet disruption. It’s possible that news agencies don’t want to scare people even though this could be a big deal… but it’s also true that there isn’t much to say yet as it’s not clear yet what’s happened. Online news reporting so far seems to be focusing heavily on the Meta impacts (such as Facebook and Instagram) as noted above despite the impacts to other platforms as well.
Spreading false information, rumors, or hypotheses isn’t great, either, so perhaps limited reporting right now is better. We’re running around on hare-triggers in the US so no need to freak everyone out unnecessarily.
The Cyber Risk Landscape
Hard reality is that there are very real risks out there. We’ve gotten very official US government information from multiple sources that Russia interfered heavily in various ways with the 2016 election (primarily through influence operations), and that they have worked to influence other US elections including the 2020 presidential one.
But there are other big cyber threats out there. Russia is one, but several nation-state actors have the motivation and capability to interfere in US society, infrastructure, and elections. One reason for causing disruption is to weaken the US overall so that our country plays less of a world policing role in protecting so many people and nations. Non-nation-state actors are also out there including everyone from criminals to terrorists. The capabilities and technology to cause cyber damage are quite accessible to those who know what they’re doing.
This video from a few weeks ago features the former DHS CISA Director, Chris Krebs, talking about China’s capacity to interfere with US infrastructure — a capability recently discovered that may have been in place for five years. Five years! This didn’t get widespread news coverage because American media but this is the kind of thing we should be paying way more attention to:
This interview shares a little tiny bit of information about the cyber risk landscape, but it’s pretty spectacular. In the video above, Krebs indicates that regional US infrastructure disruptions via cyber attacks could be quite problematic for our society, although he ends with a reassuring and somewhat dismissive note given the threat.
Yet regional infrastructure disruptions could be disastrous or catastrophic; depending on what they include and how long they last. And we haven’t done much to get ready for this sort of threat as a society… although we could. Also, there’s an “accelerationist” threat (also here) too to our infrastructure — domestic terrorists seeking to take down US infrastructure so that the current societal protections (like government) disappear so that the strongest and best-armed can run society in a more fascist, supremacist, colonial way.
What Can We Do?
Well, one super quick thing we can do is to put some resilience in place in our own lives in case of regional or infrastructure-based cyber attacks.
That might look like getting contact information for people we might need to remain in touch with from like social media through other channels. Or — getting contact and address information for our friends and family in-real-life so that we have that information if there is a disruption.
We can ask questions about how we would operate without a certain platform or technology. Like online banking. Like phones. Like email. Then we can take some actions to help us better handle the possibilities we come up with.
We can back up our data. We can also do more personal, family, and friend resilience things which look a lot like getting ready for a disaster. Most everyone doesn’t have enough stuff in place for this, and we’re coming into an era where we’re probably going to need it a whole lot more.
We can also get more serious about getting ready for this stuff in our everyday activities — at work, in our political groups, in any groups we’re in, and in our communities.
This is stuff we could be talking about within our activist groups, and as we talk to people about the stakes for elections, why we need government, why we need people to vote, and so on. Shift the Country will be putting a lot of energy into ideas like this, because it’s time.
We’ll be talking more about this sort of thing here, and also helping action groups with ideas for how to go about some of it. Holler if you’d like to have a specific conversation, or if you’d like to have us speak to your group.
And finally — talk to your people about these risks. They are serious, they are real, and they are likely to increase this year and for the foreseeable future. We’re in an unstable country in a time of accelerating change, and we need to get ready to deal with it better. We need to get our politicians to help, too. Be safe. Try not to get dead. Share our stuff. Join us where you can.
Take care.
APPENDIX: Outage Impacts From This Morning
Here are screenshots from about 11:30 am Central today, from Down Detector. The straight lines with jagged disruptions at the bottom of each brand’s icon show the internet outage impact for each platform. As of the time of publishing this, it looks like some disruptions are continuing.