Thursday, February 23, 2012

Engaging ISPs in the Protection Against Cyberthreats


There are approximately 4,000 ISPs in the United States. Each of these provides access to the Internet for anywhere from 200 to more than one million customers.

Since all Internet transactions must pass through a service provider, these operations are the best points at which to engage countermeasures against the prime sources of cyber corruption, such as botnets, router hijacking and domain-name fraud.

Tackling the challenges to Internet security is critical because over $8 trillion worth of transactions occur over the Internet. Any shut-down of the Internet will shut down the US economy.

ISPs have unique visibility of malware transiting their infrastructure. They are in a position to filter malware more effectively than end-point consumers, who must defend at millions of points where defense is not only expensive and difficult, but also hard to support with sufficiently trained expertise. Since all ISPs are ultimately interconnected, the compromise of any one that is poorly managed can then extend to every securely managed ISP. It is the ISPs that are accountable for the development of secure routing standards as transactions traverse the Internet in over a dozen connections, each of which can be interfered with.

As organized perpetrators disrupt services and infrastructures, the issue of safeguarding Internet transactions ceases to be a contractual matter. It becomes a concern for national cyber security.

Cyber attacks such as Distributed Denial of Service (DDoS), introduction of botnets, insertion of a collection of compromised computers or large-scale zero-day infections call for concerted as well as costly protective measures. Thousands of smaller-scale ISPs may not be able to afford that.

Adoption of an industry-wide code of safeguarding Internet transactions is insufficient without the assurance of government certification of compliance with well-researched standards.

The newly organized National Cybersecurity Center of the National Institute of Standards, Department of Commerce, appears to be the most suitable organization to develop such standards. However, a certification of compliance with cyber policy would require the full force of law in order to be enforceable.

The existing laws that govern the conduct of Internet-related transactions, such as the Communications Assistance for Law Enforcement Act (CALEA), concentrate entirely on police issues.

SUMMARY
The flaws in the Internet are persistent and cumulative, not temporary. The list of cyber flaws contains tens of thousands of entries and applies equally to financial, manufacturing, utility or defense networks. This list changes every minute as attackers modify their software. For instance, network routers that pass on all traffic from one computer to another are vulnerable to promiscuous mode corruption; to router table attacks; to shortest path compromises; to border gateway flaws and to border gateway poisoning, to name just a few named faults. All of these routers are managed by ISPs.

ISPs also control the network switches that distribute all traffic. These are vulnerable to known corruptions such as flooding attacks; address resolution spoofing; “Man-in-the-Middle” misrouting; denial of service; switch hijacking; spanning tree misdirection; forcing external root election and VLAN hopping. ISP-operated software sets up the Internet directories, which are set up in domain name servers and can be undermined by address starvation; attacks using rogue servers; bogus default gateways; malicious records; spoofing; flooding attacks; faulty responses to a server; buffer overflow attacks and denial of service attacks. The entire global Internet is also host to a vast population of malicious viruses, worms and Trojans, which can be best detected when making a transition between ISPs. There are over 100 million such software scripts already residing on the Internet. Over three million new ones are added every month.

There is no question that a law that would impose cyber security regulations would go a long way toward reducing the current risks.

For comments please e-mail paul@strassmann.com