World Security Report June 2014
For the latest news, features, essential analysis and comment on security, counter-terrorism, international affairs, warfare and defence
For the latest news, features, essential analysis and comment on security, counter-terrorism, international affairs, warfare and defence
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
CYBER SECURITY<br />
CYBER SECURITY<br />
The<br />
importance<br />
of the<br />
Internet<br />
infrastructure<br />
for every day<br />
life.<br />
Every day we read about the single digital market, the importance of a free and open Internet and the need of<br />
trust and security in electronic communications networks. The Internet is an assumed, and for specific services<br />
critical, component of everyday life but yet we still have to develop methodologies to fully assess what are the most<br />
important components from a national and international perspective and how they are structured. This is important<br />
not only in the short term to understand our dependencies on network connectivity but also in the long term to<br />
properly focus efforts for enhancing the resilience of data communication networks.<br />
The Internet infrastructure<br />
is the backbone of the<br />
information society but as<br />
it has become clear in the recent<br />
news, different threats, both<br />
technical and geopolitical, can<br />
hamper its availability. Citizens<br />
expect national authorities and<br />
operators to be fully aware of the<br />
possible interdependencies and<br />
put in place all possible measures<br />
to ensure the security and<br />
resilience of their communications.<br />
To build trust and secure the<br />
future of the information society,<br />
answering the following questions<br />
is becoming increasingly<br />
important:<br />
• What is the Internet today,<br />
how is it organized, what can<br />
we understand from its current<br />
structure, which are the most<br />
important components of it?<br />
• What is a critical service, network<br />
or component in today Internet<br />
infrastructure and how can we<br />
define what is national and what is<br />
cross-border?<br />
• What assets and services are<br />
vulnerable and what happens<br />
to critical services if they are<br />
disrupted?<br />
• How can we enhance security<br />
and resilience of the Internet<br />
interconnections?<br />
Understanding the complexity<br />
of the most complex network<br />
humanity created is a challenging<br />
task. The Internet in 30 years<br />
has changed the way we work,<br />
communicate and interact as<br />
a society and we are still at the<br />
very beginning of this societal<br />
revolution.<br />
It is essential that we are fully<br />
aware of our dependency on<br />
the infrastructure and how it is<br />
organized in each country. This can<br />
also be useful to understand if part<br />
of the assets, belonging to Critical<br />
Infrastructure (CIs), should be<br />
treated with higher requirements<br />
of security and resilience and<br />
the role they play for the global<br />
coherence of the Internet. Any<br />
assessment should be done<br />
from a Critical Information<br />
Infrastructure Protection<br />
(CIIP) perspective and should<br />
involve the Internet operational<br />
community in fostering the<br />
security and resilience of public<br />
communication networks and<br />
in general for the benefit of the<br />
entire Internet. Moreover having<br />
such an understanding could help<br />
every country in establishing a<br />
constructive dialogue with Internet<br />
operators and participate in the<br />
multi-stakeholder discussion on<br />
how to maintain the Internet<br />
globally secure and resilient.<br />
1 Challenges<br />
Every component of the Internet<br />
layers has its own vulnerabilities<br />
and represents a topic of study.<br />
For example<br />
• Physical infrastructure – cable<br />
systems and submarine cables are<br />
critical as well as the dependency<br />
on power supply 1 . Moreover<br />
communications can be tapped or<br />
targeted by specific attacks.<br />
• Hardware – In all the incidents<br />
regarding availability reported to<br />
ENISA in 2012 2 , hardware failure<br />
was the most common cause.<br />
• Software and Protocols – bugs<br />
in protocol implementation and<br />
exploitation of vulnerabilities<br />
as in traffic hijacks are realistic<br />
scenarios.<br />
Looking at the different<br />
components of the infrastructure,<br />
both at physical and at logical<br />
level, the following lists can be<br />
considered as an example<br />
of an initial set of threats that<br />
should be covered in an all<br />
hazard approach (Table 2):<br />
In recent times there have<br />
been several incidents that<br />
can be used as an example<br />
of the threats to which the<br />
infrastructure is vulnerable<br />
(see list below). While these<br />
incidents didn’t affect the<br />
Internet at a global scale<br />
or European scale, the<br />
effects on a local scale<br />
were rather noticeable or<br />
underline the persistence of<br />
known vulnerabilities. They<br />
therefore serve as a reminder<br />
that while the Internet at global<br />
level can be considered resilient,<br />
it cannot be taken for granted<br />
that this is also true for the local<br />
part of the Internet infrastructure<br />
serving a particular region, or<br />
country or involved in a targeted<br />
attack. Even disputes between<br />
private, non-State actors can have<br />
important effects on the local<br />
Internet infrastructure.<br />
Different causes of incidents can<br />
affect the different components:<br />
• Natural disasters and cable<br />
Table 2 – Threats to the physical and logical infrastructure<br />
cuts can affect the connectivity to<br />
specific areas 3 :<br />
• Attempts to block one country’s<br />
connectivity via physical 4 and<br />
network 5 disruption can have<br />
cascading consequences for<br />
Internet users even in another<br />
country due to the cross border<br />
nature of interconnections<br />
• Misconfigurations 6 can cause<br />
temporary and involuntary traffic<br />
reroutes<br />
• Large attacks 7 to specific services<br />
can have repercussions and create<br />
congestion<br />
• BGP hijacks or man in the<br />
middle attacks 8 and attacks to the<br />
DNS infrastructure 9 can be used to<br />
transparently reroute and intercept<br />
traffic or black hole it for a certain<br />
destination 10<br />
2 ENISA Efforts for the security<br />
and resilience of communication<br />
networks<br />
ENISA, the European Union<br />
Agency for Network and<br />
Information <strong>Security</strong> has studied<br />
the resilience of Internet<br />
infrastructure in Europe since<br />
2010, paying attention to both<br />
the technical and organizational<br />
components. The goal is to<br />
provide Member States with<br />
frameworks and resources to<br />
better secure and ensure the<br />
resilience of their networks. The<br />
“Inter-X: Resilience of the Internet<br />
Interconnection Ecosystem 11 “<br />
study was the first step ENISA<br />
took towards studying this area in<br />
2010. In 2011, it was followed up<br />
with a study assessing technical<br />
(e.g. logical, physical, application<br />
layers, replication and diversity of<br />
services and data, data centres),<br />
peering and transit e.g. Service<br />
Level Agreements (SLAs), as well<br />
as market, policy and regulatory<br />
4 - <strong>World</strong> <strong>Security</strong> <strong>Report</strong> www.worldsecurity-index.com www.worldsecurity-index.com<br />
<strong>World</strong> <strong>Security</strong> <strong>Report</strong> - 5