I recently wondered, are there any existing government practices towards securing the entire Internet?
So I went though the
U.S National Strategy to Security Cyberspace,
to find out what is the U.S up to given it still maintains "control" of
the Internet. What is the Internet's biggest weakness? No, it's not a
sophisticated term, its a common word called design.
A fact that
is often neglected as the core of all problems, is that the Net's design
by itself was primarily developed for reseach purposes. That is,
universities and scientists exchanging data, users whose activities
would definitely not result in the following :)
- infect the competing Ivy League universities with malware, and "borrow" as much intellectual property as possible
- Conduct DNS poisoning and redirect their competition's site to their own one
- Eavesdrop on their fellow researcher's communications
The
Internet wasn't mean to be as secure as we wished it could be today.
So, when it became public and turned into today's part of daily life, I
feel this weakness started to remerge on a harge scale.
Perhaps
the second biggest vulnerability is the ability to forge source
addresses, and given you can spoof the origins of your packet no
accountability for a great deal of today's threats is present. IPv6
isn't the panacea of security, and would never be though. There are as a
matter of fact a lot of vulnerabilities related to mostly,
implementation, and awareness on the possibilities. But the introduction
of IPv6 over the Internet, still remains an ambition for goverments and
organizations across the world. As a matter of the the U.S
DoD indicated their troubles while migrating to IPv6, but they desperately
need it. Though, I greatly feel the sooner the better.
The
current Internet IP space is so easily mapped and datamined, that on
most occasions,such transparence is mostly beneficial to malicious
attackers. I believe that security threats can indeed have a national
security impact, of course, given their sevirity and actual abuse.
Today's information and knowledge driven societies are largely dependent
on information and technology infrastructure for most of their needs.
This has on the other hand boosted a tremendous technological growth. It
eventually resulted in an increased world productivity, but the
dependance can also affect real life situations on certain ocassions.
Can cyberspace indeed influence real-life situations and cause havoc? Would
someone wants to bring down the Internet, and how sound is this? What
are the main driving factors behind the known weaknesses of the
infrastructure, and how can their negative effects be prevented?
I
greatly feel that the growth of E-governments, native Internet
population, improved communication infrastructure, thus more bandwidth
and opportunities,are crucial for the growth of a nation. The only
weakness besides actual usability or utilization, is Security.
Going
back to the report, it clearly highlights and takes into consideration
both, soft and hard dollars. That is, enemies conducting espionage over
companies, universities, or mapping key government, industry networks,
and easily reachable known targets to be used later on. Hit-lists for
potential targets can be easily gathered in today's open source
intelligence world.
On a worldwide basis, the implications to the
entire Internet posed by insecure DNS servers, and by the insecurities
of the DNS protocol can undermine the Internet in itself. What happens
when all sites are actually there, but remain unreachable worldwide? The
2002
attacks on the root Internet servers indeed acted as a wake up to the international community on how fragile the current system really can be.
Some of the obstacles for a secure Internet from my point of view consist of :
-
Plain text communications are the easiest, most common way malicious
attackers can abuse a nation's communications, excluding the fact that
the majority of communications remain unencrypted
- Lack of
evolving compliance, threats change so fast, that everyone can barely
keep up with them, and what used to be "secured" yesterday, is
vulnerable today
- Less procedures and strategies, more actions,
perfecting planning is futile, by the time you end you planning process
you would have to change everything. My point is, empower those who are
able to execute real actions towards improving security.
- The
gap between government, private and academic sectors is resulting in a
lack of integrated early warning systems, that would eventually benefit
everyone
- Realization of a nationwide client-side sensor, I have
also considered Symante's utilization of their 120M client based as the
biggest, most sensitive honeypot ever.
To sum up my ideas,
migration to the, at least though to be more secure Internet2 , would
take years and cost billions of dollars on a worldwide basis, yet it's
worth it!
Have an opinion? Share it!
Technorati tags :
cyberspace,
security,
information security,
IPv6,
Internet2
Continue reading →
Last week, a report released by the research firm In-Sat estimated that revenues for IP VPNs will double between 2004 and 2009 to $658 million.
RSS Feed