"The main vector for getting inside most organizations today is rogue applications residing on the network," says Nir Zuk, founder and CTO of Palo Alto Networks, a network security company.
For example: An IT manager installs GoToMyPC on a machine in the data center so that he can fix problems in the middle of the night from his home. But it has a weak password and gets hacked. Or he installs a P2P app to download songs, unwittingly allowing outsiders to download confidential files from the company LAN -- including password sets and network configuration maps. Or he sets up WebEx to do a presentation, then foolishly tells the program to share his desktop across the Web.
Once inside, attackers could root around the network until they locate the command and control centers for Google's many data centers. And then they can turn out the lights, leave behind a logic bomb that corrupts Google's databases, or simply have their way.
"I'm not familiar with the structure of Google's network, but they must have a command and control app that lets them shut down their data centers," says Zuk. "Everyone does."
What could happen: Yahoo and Bing become swamped with search traffic, and might collapse under the weight. Organizations that rely on Gmail and Google Docs for their day-to-day operations will find themselves unable to get much done (though, given how many outages Gmail had over the last year, they might be used to it). YouTube fans may discover there are approximately 7,834 other free video sites out there. Web entrepreneurs who rely on Google ads will find themselves bereft of income for an unknown period of time.
Other consequences, according to Google Blogoscoped author Philipp Lenssen: "People may not be able to post an update about their life, leading others to believe they've disappeared (because Blogspot is down); conspiracy theorists will be able to sell more books on 'why Google went down (and what the NSA had to do with it)'; and people who want to search for 'why Google is down' realize that, well, Google is down so they can't search for that."
How long it would take to recover: From hours to days, depending on what measures Google already has in place. A Google spokesperson contacted for this story says, "We are always planning for different threat scenarios, but we aren't going to discuss specific defense measures."
Likelihood: Zuk says it's more likely than most big companies are willing to admit.
"In a big company like Google or Yahoo, which have tens of thousands of employees, there will always be unaware employees who do something stupid like sharing their desktop via WebEx," he says. "It only takes one to do it, and from there the route to the data center is a quick one."
How to avoid this fate: To avoid getting nailed by rogue apps, companies need greater visibility into their networks to expose any apps that are running and what ports they are using, and to map all of their other dependencies as well, says Steve Cotton, CEO of FireScope, a developer of IT service management solutions.
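One way to get the visibility described above, as an added example that is not from the article or from any vendor it quotes: compare a host's listening sockets against an approved baseline and flag everything else. The sample `ss -H -tlnp` output, the process names in it and the `APPROVED` set are constructed assumptions.

```python
import re
from typing import NamedTuple

# Constructed sample of `ss -H -tlnp` output (Linux); not data from the article.
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128   0.0.0.0:22    0.0.0.0:*  users:(("sshd",pid=812,fd=3))
LISTEN 0 511   0.0.0.0:443   0.0.0.0:*  users:(("nginx",pid=1020,fd=6),("nginx",pid=1021,fd=6))
LISTEN 0 50    0.0.0.0:6881  0.0.0.0:*  users:(("transmission-da",pid=4410,fd=12))
LISTEN 0 5   127.0.0.1:5900  0.0.0.0:*  users:(("x11vnc",pid=5123,fd=7))
LISTEN 0 128      [::]:22       [::]:*  users:(("sshd",pid=812,fd=4))
LISTEN 0 128   0.0.0.0:8080  0.0.0.0:*
"""

# Hypothetical approved baseline of (process name, port) pairs for this host.
APPROVED = {("sshd", 22), ("nginx", 443)}

class Listener(NamedTuple):
    address: str
    port: int
    process: str

_PROC = re.compile(r'\("([^"]+)",pid=\d+')

def parse_listeners(ss_output):
    """Return the unique listeners found in `ss -H -tlnp` text."""
    found = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        address, _, port = fields[3].rpartition(":")
        if not port.isdigit():
            continue
        # Without root, ss omits the owner column: report it as "unknown".
        for name in set(_PROC.findall(line)) or {"unknown"}:
            found.add(Listener(address.strip("[]"), int(port), name))
    return sorted(found, key=lambda l: (l.port, l.address, l.process))

def find_unapproved(listeners, approved):
    """Flag listeners outside the baseline and note how exposed each one is."""
    findings = []
    for l in listeners:
        if (l.process, l.port) not in approved:
            local = l.address.startswith("127.") or l.address == "::1"
            exposure = "loopback-only" if local else "network-reachable"
            findings.append((l.process, l.port, l.address, exposure))
    return findings

if __name__ == "__main__":
    for finding in find_unapproved(parse_listeners(SAMPLE_SS_OUTPUT), APPROVED):
        print("UNAPPROVED listener: %s port %d on %s (%s)" % finding)
```

A listener whose owner shows as "unknown" is still reported, since a port with no attributable process is exactly the kind of gap the inventory is meant to close.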
To avoid being compromised by insiders, companies should get real-time notifications of the activities of privileged users, block specific unauthorized activities, and split the responsibility for monitoring among multiple users, says Slavik Markovich, CTO at database security firm Sentrigo.