VeriSign: Internet infrastructure still vulnerable
Authentication company VeriSign, which operates two of the root servers for the internet, has warned that the web is still vulnerable to attack, despite continued investment in hardening systems.
VeriSign chief technology officer Ken Silva, speaking to ZDNet UK at the RSA Conference Europe 2008 last week, said that, while certain parts of the internet infrastructure had been made more secure, there are still weak spots.
"Certainly the infrastructure that we operate around .com and .net has been fortified to withstand the largest attacks we can reasonably predict, but not all of those infrastructures have been protected in the same measure," Silva said. "I think, in particular, if you look at smaller countries, most notably Estonia and Georgia recently, their domain system is relatively small compared with others. Those probably haven't been fortified to the level they need to be."
Both Estonia and Georgia suffered from denial-of-service attacks following disputes with Russia, which caused significant connectivity problems. Silva said that internet-infrastructure security depends, in large part, on the money countries put into it.
"It's proportional to size," Silva said. "The [national and international organisations] that operate large infrastructures have made significant investments, those that have small infrastructures don't necessarily view the importance of that infrastructure in the same way."
While .com and .uk infrastructures have been hardened, for smaller countries, internet security is a secondary concern when it comes to apportioning funding, Silva said.
"Without listing them one at a time, you can draw your own conclusions about Third World countries, smaller Eastern European countries and some Asian countries," he said. "[They] simply have not made a significant investment in their existing infrastructure."
While VeriSign has invested "significantly" in hardening internet networks, Silva said, the organisation still regularly comes under attack, normally through distributed denial-of-service (DDoS) attacks.
"DDoS attacks increase by 150 times every 14 months — up to 54Gbps in 2006," said Silva. "This year, one individual conducted an attack in retaliation against someone else. The individual had been scammed and wanted to prove a point. In six weeks, he conducted 1,600 attacks."
Silva said that damage to undersea cables is a potential cause of disruption. Fibre cuts that occurred in January and February this year had an impact on the infrastructure in India, where internet access was severely affected.
"As root servers all sat outside of India, they couldn't even get to sites within their own country, in many cases," Silva said. "We've since rectified that."
Silva said that VeriSign had placed one of the nodes for a distributed root server in India, so that, should another cable cut happen, Indian web users "would at least be able to resolve to one of the sites within their own country".