Wednesday, January 04, 2006

How to secure the Internet

I recently wondered, are there any existing government practices towards securing the entire Internet?

So I went though the U.S National Strategy to Security Cyberspace, to find out what is the U.S up to given it still maintains "control" of the Internet. What is the Internet's biggest weakness? No, it's not a sophisticated term, its a common word called design.

A fact that is often neglected as the core of all problems, is that the Net's design by itself was primarily developed for reseach purposes. That is, universities and scientists exchanging data, users whose activities would definitely not result in the following :)

- infect the competing Ivy League universities with malware, and "borrow" as much intellectual property as possible

- Conduct DNS poisoning and redirect their competition's site to their own one

- Eavesdrop on their fellow researcher's communications

The Internet wasn't mean to be as secure as we wished it could be today. So, when it became public and turned into today's part of daily life, I feel this weakness started to remerge on a harge scale.

Perhaps the second biggest vulnerability is the ability to forge source addresses, and given you can spoof the origins of your packet no accountability for a great deal of today's threats is present. IPv6 isn't the panacea of security, and would never be though. There are as a matter of fact a lot of vulnerabilities related to mostly, implementation, and awareness on the possibilities. But the introduction of IPv6 over the Internet, still remains an ambition for goverments and organizations across the world. As a matter of the the U.S DoD indicated their troubles while migrating to IPv6, but they desperately need it. Though, I greatly feel the sooner the better.

The current Internet IP space is so easily mapped and datamined, that on most occasions,such transparence is mostly beneficial to malicious attackers. I believe that security threats can indeed have a national security impact, of course, given their sevirity and actual abuse. Today's information and knowledge driven societies are largely dependent on information and technology infrastructure for most of their needs. This has on the other hand boosted a tremendous technological growth. It eventually resulted in an increased world productivity, but the dependance can also affect real life situations on certain ocassions.

Can cyberspace indeed influence real-life situations and cause havoc? Would someone wants to bring down the Internet, and how sound is this? What are the main driving factors behind the known weaknesses of the infrastructure, and how can their negative effects be prevented?

I greatly feel that the growth of E-governments, native Internet population, improved communication infrastructure, thus more bandwidth and opportunities,are crucial for the growth of a nation. The only weakness besides actual usability or utilization, is Security.

Going back to the report, it clearly highlights and takes into consideration both, soft and hard dollars. That is, enemies conducting espionage over companies, universities, or mapping key government, industry networks, and easily reachable known targets to be used later on. Hit-lists for potential targets can be easily gathered in today's open source intelligence world.

On a worldwide basis, the implications to the entire Internet posed by insecure DNS servers, and by the insecurities of the DNS protocol can undermine the Internet in itself. What happens when all sites are actually there, but remain unreachable worldwide? The 2002 attacks on the root Internet servers indeed acted as a wake up to the international community on how fragile the current system really can be.

Some of the obstacles for a secure Internet from my point of view consist of :

- Plain text communications are the easiest, most common way malicious attackers can abuse a nation's communications, excluding the fact that the majority of communications remain unencrypted

- Lack of evolving compliance, threats change so fast, that everyone can barely keep up with them, and what used to be "secured" yesterday, is vulnerable today

- Less procedures and strategies, more actions, perfecting planning is futile, by the time you end you planning process you would have to change everything. My point is, empower those who are able to execute real actions towards improving security.

- The gap between government, private and academic sectors is resulting in a lack of integrated early warning systems, that would eventually benefit everyone

- Realization of a nationwide client-side sensor, I have also considered Symante's utilization of their 120M client based as the biggest, most sensitive honeypot ever.

To sum up my ideas, migration to the, at least though to be more secure Internet2 , would take years and cost billions of dollars on a worldwide basis, yet it's worth it!

Have an opinion? Share it!

Technorati tags :