Perceived Threats and the Importance of Security
This is the second post in a series dedicated to sharing the results from a survey of network operators carried out by GCA in 2021. Our aim with the survey was to understand the state of concern and preparedness for security issues in routing. In this post, and with other posts in the series, we are sharing our compiled results and findings.
In the last post, we provided the background of the survey mechanics, and shared the results of the demographics questions in the survey. Briefly, we had 51 responses considered valid, and they represented both technical and business decision makers at networks across the globe.
Today, we are focusing on the questions related to operators’ perceptions of the scale and scope of threats to the Internet’s routing system.
Remember that, if you have specific questions the data analysis might answer, we will be happy to consider them for future posts (please use our social media posts on LinkedIn and Twitter to share your thoughts, under the #RoutingSecurity hashtag). Finally, the collection of posts will be collated, polished, and published as a complete and referenceable report from the survey project.
Let’s go to our second round of questions then.
What do you think is the largest threat to your network?
The survey offered the following possible answers (select one):
- Route/Prefix Hijack
- Nation-State Attacks
- IP Spoofing
- Other (please specify)
Only one respondent selected ‘Other,’ and they specified the name of another network operator.
How important is routing security for you and why?
The survey asked respondents to rank their level of concern about routing security:
- Somewhat important
- Very important
- Not important
Possibly the survey pool was a little self-selecting, insofar as the vast majority of respondents to a survey on ‘Routing Security’ stated they felt it was very important. On the other hand, there was not a lot of participation to push back on the very idea, so it seems safe to conclude that the topic is on network operators’ minds as an important one.
We did get a number of thoughtful inputs, as about half of the respondents provided a reason for their answers (we are reproducing their answers literally):
- Because our mission to protect the network and our customers
- It is a small [fraction] of attacks overall
- Our primary issues are DDoS attacks, not route hijacking, etc.
- So far, routing security has not caused enough incidents to be more important [than] other issues we regularly see
- As we have many members connect to our peering LANs, this constitutes to a lot of vendors with various models of kit all running different software and hardware. Are all these secure?
- Trust with our customers is a huge element of our brand
- Our prefixes have been mistakenly announced by others in the past
- Prevents our prefixes from being spoofed
- We are a VoIP network and interception could [cause] security issues
- Business continuity
- Enterprise customers requirement
- We make software for it
- National security
- It is important to have [packets] delivered to [the] right place
- Operating an essential infrastructure
- Customer satisfaction and company reputation
- We carry the customers information, so it is very important
- Service availability
- If we have a routing problem, we fail every school, college, and university in the province— 500,000 students
- Our business relies entirely on the information exchanged in BGP. Our ability to provide reliable services is directly related to the trustworthiness of that information
- We have had numerous incidents and outages related to routing security (BGP hijacks and reflective UDP amplification DDoS are the most common)
- Because we need stable operation and block unwanted traffic or announcement
- Peering, the core business of every IXP, relies on routing security to be as good as possible
- A routing security incident (e.g., hijack) would have widespread impact with little recourse. The DDoS attacks we have seen tend to be focused on a specific IP or subnet, while a hijacking incident (which we have luckily not seen) would be network-wide
- Because any connection failure (routing) of the autonomous systems can impact the use of the Internet and today the Internet is an essential service
- All internet communications [depend] on routing
- Routing is one of the [pillars] of […] Internet resilience
- Network performance and [resilience] is important to our customers
- To guarantee the correct functioning of the service provided
- [No explanation provided]
Where do you believe the biggest threats to routing security come from?
We asked respondents to identify their primary source of concern for threats to routing security (not exclusive):
- Your own network management
- Your customers’ network management and routing announcements, if applicable
- Your customers’ customers’ (if applicable) network management and routing announcements…
- Unrelated networks
- Other (please specify)
Most respondents selected only one reason, though three respondents did select all of the first three options above, and two of those also selected the fourth.
The one ‘Other’ response was:
- Networks [with] which we have no direct relationship are probably the biggest risk
Beyond your own policies for managing your networks’ health, do you perceive any external pressures to update your routing security stance?
We wanted to know if network operators are feeling regulatory or other pressure to change. Rather than providing leading answers, we offered:
- If pressured, please specify
The result was basically split, with just a few more respondents answering ‘No.’ The collected reasons given (from ⅔ of the ‘Yes’ respondents) were:
- As others increase their security, it is [important] not to be left behind. Better to be in front
- RPKI compliance is now being built into tests for contracts or is user-facing in ‘health tests’
- General attention on MANRS and the like
- Government strategy
- Mandate by [regulatory] authority, NTA cybersecurity by-law
- CAIDA spoofer project and MANRS
- Our customers’ enterprise
- Regular request by our customers/members, and also leading by example
- We have been pressured by members to perform IRRDB filtering along with RPKI on our route-servers. We have on our own accord extended this stance to our own network for AS[obscured]
- Providers like Google [and] Hurricane Electric are starting to require proper and correct IRR entries. Sad that it has taken a commercial entity taking unilateral action, but the effect has been positive
- We are the largest [service-type obscured] provider in the world, everyone is very [cautious] about security
Next time… we will go through the questions and responses related to ‘What are you doing with respect to routing security? What is your operational reality?’
The author, Leslie Daigle, is the Chief Technical Officer and the Director of the Internet Integrity Program at the Global Cyber Alliance. You can follow her on Twitter or connect with her on LinkedIn.