Get best of the week

IaaS providers fight against attacks on BGP protocol

Several large organizations have joined the MANRS. This is an initiative whose participants are trying to prevent the distribution of incorrect data about routes in the networks of providers.

Routing errors can lead to failures. Avoiding them is especially important now, when many are sitting at home, and the load on infrastructure continues to increase.


Photos - Ma Joseph - Unsplash

What affects the operation of the cloud


In recent months, more people have begun to sit at home and work remotely. This fact has led to a significant increase in the load on the services of IaaS providers. One of the western cloud vendors noted an eight-fold increase in the number of users in Italy, where strict self-isolation measures were introduced. Part of the effect is due to an increase in the number of businesses willing to purchase infrastructure for setting up remote jobs .

According to Europol, along with the load on the IT infrastructure, the number of cybercrimes has also increased. Similarly, the situation is developing in the United States. Fraudsters often mention coronavirus in phishing emails. The growth of such attacks was warnedeven at the Department of Homeland Security.

Also, experts record an increase in the number of attacks aimed at the dynamic routing protocol BGP . Along with DNS, it is one of the key components of the Internet. Using the protocol, the provider routers transmit network availability data to each other. Back in 1998, a member of the hacker group L0pht said that a well-thought-out attack on BGP can “turn off” the world’s Internet in half an hour.

In such circumstances, it is important to protect the infrastructure on which the networks of cloud and Internet providers are built. Therefore, at the end of March, several large IaaS vendors and IT companies - including Google, Facebook, Microsoft and Netflix - connectedto the MANRS project (Mutually Agreed Norms for Routing Security).

What does MANRS do


The project was founded in 2014 with the support of the international organization Internet Society , which finances the activities of the Internet Engineering Council ( IETF ) and the Internet Architecture Council ( IAB ). Its members - today there are  more than 300 of them - are working on a set of best practices to improve routing security.

In March , a new program was launched as part of the initiative , especially for cloud providers and companies responsible for the operation of content delivery networks (CDNs). It was connected to it by Google, Facebook and other operators.

They will help with the implementation of filtering and anti-spoofing mechanisms to combat route hijacking and IP spoofing.

Also, corporations will popularize the mechanism of RPKI (Resource Public Key Infrastructure) - a hierarchical public key system to ensure global routing security. So far, only 10% of MANRS participants use it. More IT companies will develop tools for network monitoring.

Prospects


Andrei Robachevsky, Project Manager of the Internet Society, is convinced that major players like Google and Microsoft will help reduce the number of hacker attacks on BGP. Over the past few years, MANRS has already achieved some success.

According to The Register, in 2017, analysts recorded 14 thousand incidents related to interference with the protocol. A year later, thanks to the organization, the total number of incidents decreased to 12 thousand.


Photo - Chris Dickens - Unsplash

It is also believed that large companies will serve as an example and will attract other firms to MANRS. Already there are first results - recently China Telecom operator joined the initiative. He was criticized for his frequent routing errors. Just last year, the company accidentally sent the traffic of several European telecom operators through its networks. According to Andrei Robachevsky, China Telecom itself appealed to the community to help them prevent similar incidents in the future.

There is reason to believe that this is not the last time a large company joins MANRS.

Note that this is not the only project to which cloud providers connect. At the end of March, more than 80 new companies became membersCNCF (Cloud Native Computing Foundation), formed with support from The Linux Foundation and major Western IaaS providers. Organizations will channel resources toward developing open cloud services and tools to ensure information security.

Fresh materials from our corporate blog:

How the cloud will help you work remotely
How new features of 1cloud panel help the client: the experience of Complex Oil company
“Almost anarchy”: a brief history of Fidonet - a project that “doesn't care” about defeating the Internet

More articles:


All Articles