About a quarter of the world’s internet users live in countries with internet infrastructure that are more susceptible to targeted attacks than previously thought, according to a large scale study conducted by researchers at the University of California San Diego. The computer scientists surveyed a total of 75 countries. The study was presented at the Passive and Active Measurement Conference 2022 held online.
“We wanted to study the topology of the Internet to find weak links that, if compromised, would expose an entire nation’s traffic. But a large portion of the Internet doesn’t function with peering agreements for network connectivity,” said Alexander Gamero-Garrido, the paper’s first author, in a press statement.
Depending on the country you are in, the structure of the internet can differ dramatically. In some places like the United States, a large number of internet service providers (ISPs) compete and offer services to a large number of users. These ISPs have networks that are directly connected to one another and exchange content; a process called direct peering.
But the study found that in some countries, many of whom are in the global south, internet users rely on just a few ISPs for internet access. And in some of these countries, one ISP serves a large majority of users. These providers often rely on a limited number of companies to get access to the global internet and internet traffic from other countries.
This could mean that attackers would only need to target one or few of these companies, called transit autonomous systems, to cripple an entire nation’s internet access. In countries like Cuba and Sierra Leone, one transit autonomous system provider provides a connection for almost all the users in the country; presenting a worst-case scenario.