Kazakh authorities have launched a new online security initiative, which many fear is an attempt to ramp up control over the internet ahead of next months parliamentary elections.

On Monday the Ministry of Digital Development, Innovation and Aerospace Industry announced a drive to combat cyber attacks within the country, titled Cyber Security Nur Sultan-2020. According to official statistics, attempted online breaches have almost tripled over the past year, owing to the shift to remote work caused by the coronavirus pandemic.

During the period of cyber training, various problems may arise with access to some foreign internet resources, which can be eliminated by installing a security certificate, read a statement by the ministry.

Most major websites use security certificates to prove their authenticity and create secure connections to a server when accessed through a browser. These certificates are generally approved by trusted authorities and protect users against what are known as man-in-the-middle cyber attacks.

In Kazakhstans case, the certificate authority becomes the state itself, meaning that the government controls what stands between an internet user and the services they can access. After installation, the certificate is also capable of redirecting users to other websites or reading information exchanged between them and the sites they are visiting.

Why it matters: The human rights risk here is that you are allowing the government in this case, to be candid, an authoritarian repressive government, eager to stifle dissent to have access to the things you do on websites, which you often use to relay sensitive information, said Noah Buyon, a Freedom House research associate specializing in digital rights in Eurasia.

Subscribe to Oligarchy

Sign up for our newsletter on money and power during the pandemic

Arshyn Taizhanov, a web developer and co-founder of the group Internet Freedom Kazakhstan, added that many in the country oppose the certificate. Some also believe that it has been introduced before parliamentary elections, scheduled for January 10, to increase control over internet usage and place pressure on opposition activists.

Buyon said that he considered the move to be a power play designed to send the message that the government has the capability to interfere with peoples right to access independent information.

The bigger picture: Its not the first time Kazakh authorities have tried something like this. The ministry launched a similar security certificate last summer, but major tech companies that produce browsers, including Google, Apple and Mozilla, blocked it. Shortly after, the certificate was retracted.

Kazakhstan scores 32 out of 100 and is classified as not free in Freedom Houses 2020 Freedom on the Net report. Buyon says the situation has worsened since large-scale anti-government protests last summer, which were met with internet shutdowns and the prosecution of activists under extremism charges.

The rollout of the national security certificate is part of this counter reaction, Buyon said. I think its going to be critical to look out for the reaction of tech companies here, because they really were the heroes of last summers saga. And they do have a power, in this sort of narrow line of attack that the government is launching, to make a positive difference.

Continue reading here:
Kazakhstan ramps up control of the internet ahead of elections - Coda Story

Cyberconflict is an unfortunate growing trend impacting businesses and governments. Learn the risks and possible solutions from an industry expert.

Image: iStock/Infadel

Recently, I found out the hard way that cyberattacks aren't relegated merely to high-profile businesses nor engaged in by shadowy foreign agents. They can happen right here in your town.

SEE:Zero trust security: A cheat sheet (free PDF)(TechRepublic)

That's what happened to my teenagers' school system at a town in Massachusetts when someone engaged in a distributed denial of service (DDoS) attack against the Wi-Fi network. It was so crippling and pervasive that the school system had to bring in cybersecurity experts to resolve the problem.

The consensus seemed to be that the attacker had an agenda to thwart the virtual learning the students were engaged in and apparently force all the kids back to school full time for whatever reason.

This criminal activity did not succeed, fortunately, and was brought to a halt without identifying the perpetrator(s), but it got me thinking about the concept of weaponizing cybersecurity in this manner to generate conflict.

I spoke with Michael Schenck, director of Security Services at Kaytuso, a cybersecurity service provider about the concept, and he told me about the term "cyberconflict."

Scott Matteson: What is cyberconflict?

Michael Schenck: [Cyberconflict is] cyberattacks that have a background in international relations or bring about consequences that can escalate to a political and diplomatic level.

Cyberattacks on trust are more worrying than those intended to produce physical effects. Attackers find it easier, and perhaps more effective, to weaken the bonds of military alliance rather than go after fighter jets, or corrupt financial data rather than destroy banks' computers.

Cyberattacks on trust and integrity have a much lower threshold, are harder to detect and deter, and can cascade through interconnected systems.

SEE: Social engineering: A cheat sheet for business professionals (free PDF) (TechRepublic)

Scott Matteson: When does cyberconflict escalate?

Michael Schenck:Cyberconflict is more likely to arise for political, social, and economic reasons, rather than to physically destroy infrastructure. It's more of a risk during significant political moments, such as voting times/elections.

Impulsive action, confused decision-making, or any crossed signals can trigger unanticipated and unwanted cyberattack escalations.

For example, cyberconflict escalated when the US killed Iran's Qassem Soleimani in early January. The week following Soleimani's death, there were around35 organizations attacked by cyber offensives "specifically traced" to Iran's state-sponsored hacking groups. Around 17% of those targets were in the US.

Scott Matteson: How does it affect consumers and businesses?

Michael Schenck:Cyberconflict creates greater risk for corporate information and financial information to be stolen, as well as theft of money and disruption of trading stocks. The biggest things companies worry about is the damage to their reputation if this happens and the loss of trust their customers would have with them.

There are a lot oflegal consequences businesses can face from this, too (such as fines and regulatory sanctions).

When Iran/US tensions were high, there were genuine concerns that a state-sponsored attack might be mounted against critical infrastructure (energy, transportation, finance) but also that a raft of commercial organizations in the US would see concerted attacks on data and systems, to steal or destroy.

With the elevation of these tensions, businesses and consumers need to prepare for cyber disruptions, suspicious emails, and network delays. This can come in any form of a digital attempt to access private information (from individuals, companies, and government agencies).

In January 2020, Texas Gov. Greg Abbott said state agencies had seen10,000 attempted attacks from Iran per minute in the span of 48 hours.

Scott Matteson: What should companies be doing differently to protect against cyberconflict?

Michael Schenck:If your company doesn't already have a CISO, hire a firm that offers virtual CISO (vCISO) services. This is a high-level consultant that can speak to stakeholders about the real risk to your business. They also can advise on where you currently stand on cybersecurity and where you should be. Beyond that, I can't speak to what companies should be doing differently, as some already may be following a standard of best practices provided by NIST, ISO, GIAC, or the Center for Internet Security.

Some other things I recommend that most companies we've worked with don't have is a security information and events management (SIEM) or network threat monitoring such as Cisco Talos intelligence-based network threat detection (like the Meraki advanced security license), Cisco Firepower for ASA firewalls, or Palo Alto SourceFire for next-gen firewalls. Larger companies may also be interested in solutions from FireEye.

Another big area that seems to be lacking is effective business continuity planning and response procedures. Just take a look at what's happening globally right now without a cyber event due to COVID-19. Companies need to ask themselves what would happen if key infrastructure like power or internet was disrupted? Are your vendors and service providers addressing those concerns as well? CISOs, vCISOs, and cyber teams should constantly be thinking through their plans and response procedures for cyberattacks.

SEE: Disaster recovery and business continuity plan (TechRepublic Premium)

Scott Matteson: Are there any measures that should be taken right after a political, social, or economic incident (e.g. temporarily increase logging detail)?

Michael Schenck:Vigilance should certainly be higher before planned political events (scheduled protests, elections, etc.). The best thing to do is remind everyone to exercise reasonable doubt with what they see online or receive in their email. If you have a network threat detection service, you should verify with your account representative or service provider that they are keeping up with real-time intelligence. The same goes for SIEM appliances or managed detection and response service providers.

Scott Matteson: Who are some of the key players in this space, both from a "good" and "bad" perspective?

Michael Schenck:I previously mentioned some of the key enterprise vendors with solutions that help protect against cyberconflict (Cisco, Palo Alto SourceFire, Fireye, etc.). The "good guys" are also the usual suspectsWestern intelligence and security services like the FBI. There are also big IT companies that show a focus on security including Microsoft, ESET, Cylance, Cisco, and FireEye.

As for the "bad guys," state-sponsored hackers from Russia, Iran, China, Syria, and North Korea are key players. State-sponsored hackers demonstrate the extent to which nation-states continue to leverage cyberattacks as a tool to gain intelligence or influence geopolitics. In 2019, Microsoft notified close to 10,000 people that they had been targeted by state-sponsored hackers. In many of these cases, victims were either targeted or compromised by hackers working for a foreign government.

Freelance hacktivists are also key players in this space from a "bad" perspective. Motivated by civil disobedience, hacktivists seek to spread ideologies and create total anarchy. They typically see themselves as vigilantes who use hacking to enact social justice and policy changes, but they employ the same malicious tools and tactics as typical hackers.

Scott Matteson: What are the most prevalent types of threats and activities?

SEE: Identity theft protection policy (TechRepublic Premium)

Michael Scheck: The biggest risk is people. Whether it be intentional or accidental, the insider is the biggest threat because we have to give some trust to our workforce. The threat remains similar to what we've seen over the yearsemails with malicious attachments or links. At Kaytuso, we've actually seen a significant uptick in malware being spread by email via attachment. The hackers writing these viruses are getting better at hiding from scanners. Some of these techniques include not doing anything if the malware believes it's running in a sandboxa virtual machine that executes and opens the attachments to see if it identifies anything malicious. This means that there's greater success in the distribution of malware. With the technology that's preventing and blocking malware being less than perfect, people are the biggest risk for clicking on that link or opening an attachment.

Scott Matteson: How should governments work together in order to prevent or curtail cyberconflict?

Michael Schenck:That's the tricky question, especially when talking about international politics and security. In that scope, it is always double-edged. Protection improvements can also make intelligence efforts more difficult, making it harder to protect against tomorrow's attacks. The best method here would be for more transparency from the government and revealing flaws to security vendors sooner. For example, if Microsoft had been informed about the EternalBlue vulnerability sooner, they would have been able to patch it even earlier and limit the damage from the ransomware attacks in 2017.

Scott Matteson: What are some subjective examples of cyberconflict attacks?

We've seen some examples over the years including schools and cities being locked out of their systems. There have been reports that Stuxnet and Flame malware were products of Western intelligence. Another example stems from Russia and their ongoing cyberwarfare against the US.

From a commercial business standpoint, hacktivism is a prime example of cyberconflict. I briefly mentioned hacktivism before, but it's a mix of hacking and activism, where foreign hackers are using the internet to push political agendas or social change. Economic espionage is also very real. Hackers target the theft of critical economic intelligence such as trade secrets and intellectual property in a number of areas (technology, finance, government policy).

Scott Matteson: What was the impact/result?

Michael Scheck: The result of these types of cyberconflict attacks has been increased geopolitical tensions, millions in losses, theft of sensitive intellectual property, and physical damage to industrial equipment.

Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays

Read this article:
Cyberconflict: How it can reach beyond government systems, and how to protect your business - TechRepublic

ThreatConnect released ThreatConnect Risk Quantifier 5.0 (RQ 5.0), continuing its innovation in the emerging field of cyber risk quantification.

ThreatConnect Risk Quantifier (RQ formerly Nehemiah Risk Quantifier) enables the identification of the risks that matter most to the organization by quantifying them based on potential financial and operational impact, unifying security and the business to a common goal.

This quantification relies on generally accepted risk models such as the popular Factor Analysis of Information Risk (FAIR) model, among others. It is also established in part by, and continuously informed by, your internal environment, threat intelligence, vulnerability management, operations and response data found within ThreatConnect and other integrations.

RQ is distinctly different from other approaches offered in the market as it focuses on automation and data integration, and delivers value in days and weeks as opposed to months and years.

Companies cannot effectively prioritize vulnerabilities by leveraging risk scores alone. Effective prioritization requires an understanding of the impact an unmitigated vulnerability could have to the business.

By quantifying risk, based on possible losses from business interruption and response, vulnerability exposure can be directly linked to the business services that are affected.

With RQ 5.0, security professionals for the first time have a way to understand the potential financial risk that Common Vulnerabilities and Exposures (CVEs) introduce to an organization and prioritize those CVEs that could lead to the greatest financial loss if an attacker succeeds.

RQ 5.0 takes into account existing technical scoring methods, including CVSS Scores, and uses that data as a weighting for the financial impact.

This is an important capability that businesses have been demanding and that other vendors cannot address, said ThreatConnect Vice President of Cyber Risk Strategy Gerald Caponera.

Now, through integration with your vulnerability management software, we are able to help organizations handle the flood of CVEs they get every day and prioritize them based on the quantified financial risk each introduces to the specific business ultimately bringing relevancy and focus to the security team.

RQ 5.0 also introduces support for multiple security control frameworks, including the NIST Cybersecurity Framework and the Center for Internet Security Controls. Now customers can have their prioritized recommendations based on the framework of their choice.

Businesses also need a way to identify gaps in their program and the risk those gaps represent to the organization, Caponera said. With RQ 5.0 they can show the business solid numbers that support a prioritized list of recommendations based on the framework of their choice and their organizations tolerance for financial risk by application.

Another new feature of RQ 5.0 includes a powerful what-if impact analysis tool that allows security leaders to model changes to application security control levels in a sandbox environment.

Running the models enables security leaders to communicate to the C-Suite how increasing investment in security controls can lower the annualized loss expectancy stemming from the organizations highest priority risks.

Using a risk-led approach to cybersecurity makes prioritization easy for security teams, enabling them to filter out noise and focus on what matters most. With CRQ, TIP and SOAR capabilities combined, ThreatConnect unifies the actions of the security team around the most critical risks, supports their response with streamlined and automated workflows and strengthens the entire security ecosystem through powerful technology integrations.

Read more from the original source:
ThreatConnect Risk Quantifier 5.0: Continuing innovation in the field of cyber risk quantification - Help Net Security

Everyone grasps, on some level, that cyber-security or more correctly, the cyber-crime at which cyber-security is aimed is a big problem. But when you really look into it, the scale of the cyber-crime problem is truly staggering.

According to leading industry research firm Cybersecurity Ventures, cyber-crime is predicted to inflict US$6 trillion ($8.1 trillion) in damage globally in 2021, up from US$3 trillion in 2015: if it were measured as a country, that would make cybercrime the worlds third-largest economy, after the US and China.

Cybersecurity Ventures 2020 Official Annual Cybercrime Report says cybercrime is the greatest threat to every company in the world, and one of the biggest problems with mankind: it is bigger than the illegal drug trade. The report quotes Jack Blount, former chief information officer at the United States Department of Agriculture (USDA), and now chief executive officer at enterprise security software company INTRUSION, as saying: Every American organization in the public and private sector has been or will be hacked, is infected with malware, and is a target of hostile nation-state cyber intruders.

In fact, Blount prefers the term cyber-warfare to cyber-crime.

Last year, Chinese tech giant Huawei admitted that it endures about one million cyber-attacks on its computers and networks every day.

Cyber-security consultant Tony Barnes, director of Cyber Research Group, told this writer last year, When you switch servers on, theyre like magnets in the way they attract attacks. Barnes said that showing organisations the scale of the constant attacks on them is a penny-dropping moment: When people visualise it, it scares the pants off them, he said.

The level of threat is reinforced seemingly every week with news of high-profile hackings and data breaches. Last month, Prestige Software, a company that services hotel reservation platforms for Hotels.com, Booking.com, Expedia and more, reportedly left exposed the data of millions of those sites customers, including names, credit card details, ID numbers and reservation details. Also in November, US networking equipment vendor Belden admitted to being hacked, and even global cyber security firm Sophos owned up to suffering a data security breach.

This week, cybersecurity firm FireEye was the victim of a state-sponsored cyber-attack.

The $3.5 billion FireEye identifies the culprits of some of the worlds major cyber hacks and counts Sony and Equifax as its clients.

According to FireEye, one of ASX listed WhiteHawk's vendors (see below), the hack was carried out by a nation with top-tier offensive capabilities.

Though not named, fingers have been pointed at Russian intelligence agencies.

Hackers accessed FireEye's internal network and stole its red team tools, which could be useful in mounting new attacks around the world.

FireEye CEO, Kevin Mandia said of the attack, "Based on my 25 years in cyber security and responding to incidents, I've concluded we are witnessing an attack by a nation with top-tier offensive capabilities... The attackers tailored their world-class capabilities specifically to target and attack FireEye.They used a novel combination of techniques not witnessed by us or our partners in the past."

The breach is now being investigated by the FBI and Microsoft.

The hack raises the possibility that Russian intelligence agencies saw an advantage in mounting the attack while American attention including FireEyes was focused on securing the presidential election system, Mandis said.

This is potentially the biggest known theft of cybersecurity tools since 2016 when ShadowBrokers group targeted the NSA and dumped their hacking tools online.

This list of major hacks just in 2020 from IT newsletter/website ZDNet makes sobering reading.

However, the silver lining to the cyber-crime pandemic is that there are very smart people working on cyber-security solutions and in many cases, these companies are investable stocks. As befits the scale of the problem, cyber-security is emerging as one of the biggest secular investment theme of the 2020s.

The Australian Securities Exchange (ASX) hosts a small but intriguing group of cyber-security companies, including:

WhiteHawk (WHK)

Headquartered in Virginia, USA, WhiteHawk developed and operates the first online cybersecurity exchange, enabling businesses of all sizes to manage cybersecurity threats. This year, WhiteHawk has won a range of contracts (and contract extensions) across four main sectors the US government sector (a US agency and a department), the manufacturing sector, the financial sector and the Defence Industrial Base (DIB), the term for the worldwide industrial complex that enables research and development, as well as design, production, delivery, and maintenance of military weapons systems, subsystems, and components or parts, to meet US military requirements.

WhiteHawk has built its cyber-risk-focused business model to give it commercial and technical agility, being able to partner with the best open data and AI-enabled platforms, allowing the company to continually evolve to align with customer needs and appetites. It has positioned itself well in the US cyber-risk market, across companies and organisations of all sizes, and is now seeking to increase its business internationally.

Read: Delivering Cybersecurity Solutions

Tesserent (TNT)

Cyber-security and network services company Tesserent provides Internet security-as-a-service for a customers computer infrastructure, including firewall, authentication, anti-virus, anti-malware/spyware, intrusion detection, and security event management, typically provided on a subscription basis. Its customers both Australian and international come from the government, corporate and education fields. The companys products and services include network perimeter security, secure internet connectivity, data storage services, and internal network security services. The company has made a series of high-value strategic acquisitions recently, and in November, Tesserent announced that it will step into the real world, with a new joint venture with New Zealand firm Optic Security Group that will incorporate both cyber and physical security solutions.

Senetas (SEN)

Senetas provides data encryption hardware, engineered for high-speed networks, to major corporations and governments. Senetas encryptors now protect network transmitted data in more than 35 countries, and are used by customers ranging from government organisations with highly sensitive information, for example, the US defence forces, to commercial and industrial organisations, banks and global financial transactions systems providers, cloud and data centre service providers and small businesses. Senetas services segment offers its customers absolute control over file sharing and data sovereignty through its platform SureDrop. In 2020, Senetas acquired Israeli cyber-security firm Votiro, a leading provider of Content Disarm and Reconstruction (CDR) technologies, which markets its Disarmer and Secure File Gateway solutions globally for a wide range of applications, including file-transfer, email, removable devices and collaboration platforms.

archTIS (AR9)

Canberra-based archTIS has developed a cloud-based software-as-a-service (SaaS) security and collaboration platform called Kojensi, which arose out of a solution built for the Australian Department of Defence, and further developed in trials involving a number of Australian Federal Government agencies, including the Commonwealth Attorney Generals Department (AGD) and the federal Aged Care Royal Commission. The system has subsequently been deployed in the AGD, the Commonwealth Ombudsman and the Australian Criminal Intelligence Agency, and the first non-government clients, in aerospace giant Northrop Grumman and Western Australias Curtin University. archTIS is marketing the Kojensi platform to industries that service the government, and which also need to share sensitive and classified information.

Kojensi is hosted within a protected cloud environment accredited by the Australian Signals Directorate (ASD). The platform is being marketed as a secure content and collaboration cloud service, which offers a combination of enterprise content management capabilities, collaboration tools and workflows. Instead of using passwords, the Kojensi platform creates an electronic fingerprint on the data or documents, determining who can access the material, where, and when.

Also, Australian company VeroGuard is targeting a dual listing on the ASX and Singapores SGX over the next 12 months, as it seeks to commercialise its VeroCard product, which centres around the creation of a unique digital identity for individual users, based on the interbank communication protocols, applied to the internet. The VeroCard technology which will be manufactured in Adelaide removes traditional password and online identity problems, and guarantees a users identity online: company founder Daniel Elbaum says it is impossible to hack, as there is no known source of encryption. In October, VeroCard received the highest security certification available from the US-based Payment Card Industry Security Standards Council.

For investors who want a broadly diversified exposure to the cyber-security theme and the expected boom in cyber-security spending, the ASX also hosts the BetaShares Global Cybersecurity ETF (exchange-traded fund), under the code HACK. The HACK portfolio is 89.5% invested in US companies, with Israel (3.3%) and the UK (3.1%) the next-largest allocations. Systems software dominates the industry breakdown, at 51.9% of the portfolio, followed by IT Consulting (15.4%), internet services and infrastructure (12%) and communications equipment (11.9%).

HACK is designed to track (before fees and expenses) the Nasdaq Consumer Technology Association Cyber-Security Index, which comprises 43 companies. This is a diversified collection of companies, but most are small and mid-cap companies that are not well-known in Australia. At present the five largest holdings are: Crowdstrike Holdings (6.7% of the portfolio), Okta (6.3%), ZScaler (6%), Accenture (6%) and Cisco Systems (5.9%).

Since inception in August 2016, the HACK ETF has earned its Australian investors 19.2% a year, lagging its index, on 19.8% a year. In the three years to November 30, HACK generated 21.4% a year, versus 22% for the index.

HACK costs 0.67% a year in management fees. It is not currency hedged, so returns can be affected by foreign exchange fluctuations.

See more here:
Cybersecurity wars and the companies combating incursions - Finfeed

Analysis: the internet is currently a cyber Wild West, but its outlaw days may be slowly coming to an end

ByVasileios Giotsas, Lancaster University

How could a small internet service provider (ISP) in Pennsylvania cause millions of websites worldwide to go offline? Thats what happened on June 24th2019 when users across the world were left unable to access a large fraction of the web. The root cause was an outage suffered by Cloudflare, one of the internets leading content hosts on which the affected websites relied.

Cloudflare traced the problem to a regional ISP in Pennsylvania that accidentally advertised to the rest of the internet that the best available routes to Cloudflare were through their small network. This caused a massive volume of global traffic to the ISP, which overwhelmed their limited capacity and so halted Cloudfares access to the rest of the internet. As Cloudflare remarked, it was the internet equivalent of routing an entire freeway through a neighbourhood street.

This incident has highlighted the shocking vulnerability of the internet. In 2017 alone, there were about 14,000 of these kinds of incidents. Given it is mission-critical for much of the worlds economic and social life, shouldnt the net be designed to withstand not just minor hiccups but also major catastrophes, and to prevent small problems turning into much bigger ones? Governing bodies such as the EU Agency for Network and Information Security (ENISA) have long warned of the risk of such cascading incidents in causing systemic internet failure. Yet the internet remains worryingly fragile.

We need your consent to load this YouTube contentWe use YouTube to manage extra content that can set cookies on your device and collect data about your activity. Please review their details and accept them to load the content.Manage Preferences

From BBC Click, how does the internet actually work?

Like a road network, the internet has its own highways and intersections that consist of cables and routers. The navigation system that manages the flow of data around the network is called the Border Gateway Protocol (BGP). When you visited this website, BGP determined the path through which the sites data would be transmitted to your device.

The problem is that BGP was designed only to be a temporary fix, a "good enough" solution when the internet was rapidly growing in the late 1980s. It then proved good enough to help the net sustain its explosive expansion and quickly became part of every backbone router that manages the flow of data down the internets principal pathways. But it wasnt built with security in mind, and mechanisms to ensure that the paths BGP sends data down are valid have never been added. As a result, routing errors go undetected until they cause congestion and outages.

The tussle between thesedifferent players with competing interests means they don't have incentives to make their own part of the internet more secure

Even worse, anyone who can access a backbone router (and doing so is trivial for someone with the right knowledge and budget) can construct bogus routes to hijack legitimate data traffic, disrupt services and eavesdrop on communications. This means the modern internet operates using an insecure protocol that is exploited on a daily basis to compromise communications from governments, financial institutions, weapon manufacturers and cryptocurrencies, often as part of politically-motivated cyber-warfare.

These issues have been known about at least since 1998, when a group of hackers demonstrated to the US Congress how easy it was to compromise internet communications. Yet, little has changed. Deploying the necessary cryptographic solutions turned out to be as hard as changing the engines of an airplane in mid-flight.

In an actual aviation issue, such as the recent issues with Boeings 737 MAX aircraft, regulators have the authority to ground an entire fleet until it is fixed. But the internet has no centralised authority. Different parts of the infrastructure are owned and operated by different entities, including corporations, governments and universities.

The tussle between thesedifferent players, which often have competing interests, means they dont have incentives to make their own part of the internet more secure. An organisation would have to bear the significant deployment costs and operational risks that come with a switch to a new technology, but it wouldnt reap any benefits unless a critical mass of other networks did the same.

The most pragmatic solution would be to develop security protocols that dont need global coordination. But attempts to do this have also been impeded by the decentralised ownership of the internet. Operators have limited knowledge of what happens beyond their networks because of companies desires to keep their business operations secret.

We need your consent to load this rte-player contentWe use rte-player to manage extra content that can set cookies on your device and collect data about your activity. Please review their details and accept them to load the content.Manage Preferences

From RT 2fm's Dave Fanning Show, Accenture security lead and vice-chairperson of Cyber Security Ireland Jacky Fox onwhat we can do to prevent security breaches

As a result, today nobody has a complete view of our societys most critical communications infrastructure. This hinders efforts to model the internets behaviour under stress, making it harder to design and evaluate trustworthy solutions.

The direct implications of this bleak situation on national security have led government agencies to intensify their activities to protect their critical internet infrastructure. For example, the UK National Cyber Security Centre (NCSC) recently launched the Active Cyber Defence (ACD) program, which puts the security of internet routing among its top priorities.

As part of this program, my own research involves mapping the internet at an unprecedented level of detail. The aim is to illuminate hidden locations where the infrastructure is particularly susceptible to attack and responsible for cascading failures.

At the same time, new initiatives are attempting to make security a more routine consideration for people who work for organisations controlling internet infrastructure.

As we become more economically dependent on the internet, the cost of outages will grow further. And the advent of cryptocurrencies, whose transactions are fundamentally vulnerable to BGP hijacking attacks, could finally make resolving this problem a priority for internet infrastructure businesses.

Its no exaggeration to say that the internet is currently a cyber Wild West. But after two decades of ineffectual efforts, theres a chance the outlaw days may slowly be nearing to an end.

Vasileios Giotsasis a Lecturer in Computing and Communications atLancaster University. This piece originally appeared inThe Conversation.

The views expressed here are those of the author and do not represent or reflect the views of RT

Read more here:
Here's why the internet crashes thousands of times a year - RTE.ie