That's what occurred earlier this year when Pakistan Telecom inadvertently hijacked YouTube traffic from around the world. The traffic hit a dead-end in Pakistan, so it was apparent to everyone trying to visit YouTube that something was amiss. This hack is a symptom of a much bigger issue. The real problem is that the Internet is built on, and depends on, protocols that were created in 1980 (IPv4), 1982 (SMTP), 1984 (DNS), 1995 (BGP), etc., and we (the IT community) have been stacking more and more complexity on top of very simplistic and insecure infrastructure.
Pilosov's innovation is to forward the intercepted data silently to the actual destination, so that no outage occurs.
Problems such as spam, IP spoofing, DNS cache poisoning, ARP poisoning, etc. are very effective and hard to detect or stop because the protocols themselves have little to no built-in security mechanisms. Why hasn't the industry fixed this? There is too much money in not fixing the problem. Network hardware vendors such as Cisco, Juniper, 3Com, Nortel, Lucent, etc. have no incentive to fix the inherent problems, since they make too much money selling security devices, software, and services that slap band-aids on the problems, slowing down but never stopping attacks. Once the attacks pick up again or a new threat emerges, the vendors are ready with more devices, software, and services... more band-aids.
ISPs... have been holding their breath, "hoping that people don't discover (this) and exploit it." How do we fix this? We need the users of these products, big and small, to start demanding fixes to the fundamental security issues. Without a monetary incentive these companies will continue to push their "fixes" upon us and leave the core infrastructure of the Internet vulnerable to attack. Until then? Keep buying band-aids, check DNS and eBGP periodically to ensure proper resolution and routing, and cross your fingers.
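As an added example (not code from the original post), here is the kind of periodic eBGP sanity check the last sentence suggests: given the expected origin AS for each prefix you care about and a constructed list of observed routes, it flags announcements whose origin AS is wrong and more-specific sub-prefixes announced by an unexpected origin, which is the pattern of the YouTube incident. All prefixes and ASNs below are placeholders, not real allocations.

```python
import ipaddress

# Constructed example data: expected origin ASN for each monitored prefix.
# Placeholder values only; substitute your own prefixes and ASNs.
EXPECTED_ORIGINS = {
    "198.51.100.0/22": 64500,   # hypothetical content provider
    "203.0.113.0/24": 64501,    # hypothetical enterprise
}

# Constructed sample of observed routes as (prefix, AS path) pairs, in the
# shape a looking glass or route collector would report them.
OBSERVED_ROUTES = [
    ("198.51.100.0/22", [64510, 64520, 64500]),   # legitimate
    ("198.51.100.128/25", [64510, 64500]),        # more-specific, but expected origin
    ("198.51.100.0/24", [64510, 64530, 64599]),   # more-specific from a foreign AS
    ("203.0.113.0/24", [64510, 64540, 64501]),    # legitimate
    ("203.0.113.0/24", [64510, 64550, 64598]),    # same prefix, wrong origin
]


def check_routes(expected, observed):
    """Return alerts for observed routes that conflict with expected origins.

    Two conditions are flagged:
      * origin-mismatch: the monitored prefix itself is announced with an
        origin ASN (last element of the AS path) other than the expected one.
      * more-specific: a sub-prefix of a monitored prefix is announced by an
        unexpected origin. Longest-prefix matching makes such a route win,
        which is how a /24 inside a /22 can pull a prefix's traffic away.
    """
    monitored = {ipaddress.ip_network(p): asn for p, asn in expected.items()}
    alerts = []
    for prefix, as_path in observed:
        net = ipaddress.ip_network(prefix)
        origin = as_path[-1]
        for mon_net, mon_asn in monitored.items():
            if net.version != mon_net.version or origin == mon_asn:
                continue
            if net == mon_net:
                alerts.append(("origin-mismatch", prefix, origin, mon_asn))
            elif net.subnet_of(mon_net):
                alerts.append(("more-specific", prefix, origin, mon_asn))
    return alerts


if __name__ == "__main__":
    for alert in check_routes(EXPECTED_ORIGINS, OBSERVED_ROUTES):
        print(alert)
```

In practice the observed routes would come from your router's RIB or a public route collector, and an alert on a more-specific you did not originate deserves the same urgency as an outage.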
