Security threats are as dangerous as data breaches in the digital landscape today. Data security is the bottom-line issue for every company heading into 2022, companies have to deal with threats like accidental sharing, ransomware, bad password hygiene, bribery, phishing emails, fraud, etc. Clearly, companies need to ensure the security of their systems and their customer data. But they also need to allow their end customers to connect to their digital services securely. Using the public Internet is a poor choice here because there is no way to control the pathways that the data takes. It has been five years since the Supreme Court recognized the importance of the data protection bill and sought a legislative framework for its making, yet the government is still at it to strike the right chord.
The Internet was conceived as a “best-effort” tool for communication, which is not sufficient for securing sensitive end-customer data. For example, banks need to bypass the public Internet, which they can do by setting up what is known as “peering”. This means the direct interconnection between two networks on an interconnection platform (also known as an Internet Exchange or IX) so that they can bypass the long and potentially dangerous route over the public Internet. Peering gives the partners control over data pathways, minimizes the risk of security breaches, and means the data does not need to travel so far, resulting in a significant improvement in latency and thus performance. Peering directly with other networks enables companies to offer their end customers a more secure and high-performance connection to their services.
Connecting directly to cloud resources
Traditionally, cloud resources have been accessed over the public Internet, with all the risks that this entails. By making use of a cloud exchange through a secure and high-performance interconnection platform, on the other hand, a company can connect its network directly with cloud provider networks, bypassing the public Internet. This strategy has multiple benefits: not only is the connection – and thus the data traveling through it – protected against malicious attacks against its resources, but also the direct connection means that the data doesn’t have to travel so far, so the access to resources and performance of applications improve significantly.
Network automation reduces risks
Network automation offers the answer to simplifying the art of connecting within and between networks. With the advent of virtual working and the need for hybrid and multi-cloud strategies to store data and run enterprise-grade applications, company IT infrastructures have rapidly become increasingly distributed and complex. The automation of interconnection ensures easy, flexible, and cost-efficient access to enterprise resources, at the same time reducing the likelihood of security incidents and misconfigurations. A single case of fat-fingered human error can result in a crippling misconfiguration which can take an organization’s IT offline until the fault has been found. Even the biggest players in the market are not immune to such risks, as the recent Facebook outage – which took the social media giant offline globally for more than six hours as a result of a misconfiguration – attests to. Better, then, to avail of automated interconnection services to ensure that clouds and resources remain reliably accessible and that no data is lost in the meantime.
IP hijacking
One risk to networks on the Internet is routing insecurity through IP hijacking. To give you an example of how this works: Let’s say you, as a malicious actor, want to wiretap the traffic that goes to an IP destination somewhere on the Internet – perhaps, for example, a particular webshop, because you want to steal the credit card details of the shop’s customers. You can start announcing the IP space of the webshop, and if you do it right, you can receive all the requests which go to the webshop. You can either drop the traffic so that the orders from the customers don’t get answered, or you can just pass it on to the webshop, having gleaned the information you wanted. This kind of IP hijacking can occur either by accident or on purpose. There have been incidents in the past where people have presumably done it on purpose – rerouting traffic from a bank, for instance, or also from the Bitcoin blockchain. But other incidents have certainly been accidental. YouTube was taken offline by Pakistan Telecom in 2008 because someone misconfigured something. They completely overloaded the network, because Pakistan Telecom Network was not big enough to handle all the load of queries going to YouTube.
With the increased number of networks and amount of IP space connected to the Internet, the increasing dependency of society on digital infrastructure, and also the value of the data being shared, it stands to reason that we can expect IP hijacking – whether it is malicious or unintended – to be growing. There are simply more players on the field. The Internet Society MANRS project found that from the year 2019 to 2020, there was close to a 40% increase in IP hijacking incidents, which is certainly worrying. Technologies like RPKI Origin Validation and IRR filtering – provided, for example, at the DE-CIX’s route servers –can be used to mitigate this problem. With such filtering in place, it is not so easy to accidentally announce the wrong IP space through a typing mistake or similar. It makes it possible to check whether a network is allowed to announce this IP space and if not, the announcement can be filtered out very easily.
The amount of personally identifiable information shared online or via mobile phones is directly proportional to the opportunities for third parties to access them. While the first line of defense must be us ourselves, digital infrastructure with heightened security measures provides added potential to combat such threats.
Authored by: Thomas King, Chief Technology Officer (CTO) at DE-CIX
