Connectivity security is core to civilization and all economies, and it is growing in importance.
The human tragedy of how the war in Ukraine is developing should make the data center, network, telecoms, and Internet industry think deeply about connectivity security and resilience.
It is a war being fought on many fronts. In the cyber sphere it could be a template for future conflicts.
The cyber front
Reports of Internet developments at the start of the war were enlightening.
According to a spokesperson for the Ukrainian Internet Association, the country boasted over 4,900 ISPs as of December 2021, and The New York Times said that preparations were made ahead of the crisis to create fail-safe links between them and to set up new backup network centers.
A report in Networkworld.com quoted the group ThousandEyes as saying: “DNS and BGP, while not seen as attack vectors, remain points of potential vulnerability and should be closely monitored for impact to sites inside Ukraine and even beyond. Ukrainian organizations appear to be taking defensive measures by blocking selective traffic originating in Russia and in some instances China.”
In London in March 2022, LINX (London Internet Exchange) disconnected Russian telecoms companies Megafon and Rostelecom.
What keeps the Internet secure?
What keeps the Internet secure today is trust. But will that be enough in the future?
The Internet runs on high-capacity, low-latency interconnection points known as Internet Exchange Points (IXPs). Here hundreds and thousands of Gbps of data move between networks. IXPs provide a common network fabric and physical connectivity.
Simply defined, they are places where ISPs meet to exchange IP traffic via BGP (Border Gateway Protocol) peering. Their development was based on neutrality, with IXPs being an Internet access solution built around people collaborating. Whether an IXP is a commercial operation, a not-for-profit association, or a publicly owned operation, its ISP members depend on trust between each other and between themselves and the Exchange.
All IXPs are the product of partnerships and trust. For some they represent the very best of what can happen when interconnecting networks and people.
But might they be a growing security risk? Technologically, the industry is making strides towards better Internet security.
The industry, through the efforts of internetsociety.org and the MANRS (Mutually Agreed Norms for Routing Security) organization, is building security policies and tools, and what it calls program action sets, for different network operator participants.
The Internet security technology battleground
Amplification attacks, packet manipulation and replay attacks, Distributed Denial of Service (DDoS) attacks, man-in-the-middle attacks, code and SQL injection attacks: the list of attack vectors goes on and on.
Vulnerabilities in Layer 2 networks (across which most traffic is transported) are well documented. These include spanning tree protocol (STP) attacks, address resolution protocol (ARP) attacks, media access control (MAC) spoofing, content-addressable memory (CAM) table overflows and many others.
Bad actors seeking disruption and financial threat may be curtailed by agreed adherence to industry-defined protocols, policies and practices.
A much bigger picture
However, it could be that in some ways we’re looking in the wrong place and missing the bigger Internet security picture.
If we consider what is actually happening in the world, a publication from the US Army, “The Cyber Defence Review, Unlearned Lessons from the First Cybered Conflict Decade, 2010-2020”, is useful.
It states: “Internet governance has been the domain of a multistakeholder community. The members of the multistakeholder community increasingly expect to play a similar role in questions of international cybersecurity. Conversely, most governments had been content to leave Internet governance to civil society and corporations, but now, as governance affects their economies and safety, some want a more prominent or even guiding role in the digital world. This confluence - it could even be described as a collision - over roles and responsibilities is complicated by China and Russia’s differing visions for security, data governance, and sovereignty. The tensions between multistakeholders and government and between democracy and authoritarian views of digital governance complicate the discussions of the role of the private sector.”
Cyberspace is a contested domain, where opponents manoeuvre to position themselves for advantage now and in the event of a conflict.
Efforts by the industry must continue, but we do ourselves, our customers and the public a disservice if we ignore the wider international geopolitical context.
The paper “Four Internets” argues that we will see the development of different types of Internet, each controlled according to the desires of different national and international powers.
The potentially developing Internets are the “bourgeois” Internet desired by Europe, an authoritarian Internet overseen by China, a RuNet with a list of approved exchange points in Russia, and a commercially led Internet run by Silicon Valley.
“The internet — a fragile construction of hardware, software, standards and databases — is run by an ever-expanding range of private and public actors constrained only by voluntary protocols and subject to political pressure,” says the paper.
What the role of infrastructure stakeholders will be in securing the Internet for the good of us all is being determined by events and actions.
Like the Internet itself, IXPs, data centers and networks should be neutral.
But when it comes to security, the discussion on how we keep infrastructure safe needs active participation from all stakeholders, and in this context constant vigilance is required.