Dr Tom Leighton warns that there's a looming threat to Internet commerce because the underlying protocols that the modern Internet is built upon are inadequate to the task of providing secure and reliable packet traffic.
Forget “phishing” for bank account passwords. The deepest threats to online security are the weaknesses in the fundamental protocols that run the Internet.
Even casual computer users know to beware of security threats on the Internet. They have probably equipped their computers with up-to-date anti-virus and firewall software. They are leery of unsolicited e-mail attachments, and careful about the Web sites they visit. They may have heard about "denial of service" attacks in which malicious hackers direct thousands of computers to bombard a company's servers with requests to shut them down. They probably even know not to fall for “phishing” scams in which hyperlinks take users to phoney sites posing as legitimate banks and credit card companies in an attempt to steal passwords and account information.
What few realise, however, is that the Internet is vulnerable to much deeper levels of fraud that exploit fundamental security gaps in the network protocols themselves. These attacks, often called “pharming,” are all but impossible for individuals to guard against or even detect. They represent a growing threat to personal, corporate and national security that the federal government needs to address urgently.
Defenseless DNS, Flawed Protocols
The Domain Name System (DNS), for example -- the Internet's version of “Directory Enquiries” -- is largely defenceless. When you type a URL, your browser needs the corresponding IP address, a string of numbers that it obtains by contacting a local name server, typically operated by your Internet service provider. IP addresses change frequently and come with an expiration date. If a local name server receives a request for an “expired” DNS name, it queries a hierarchy of other servers, keying its request to two 16-bit identification codes—one of which is fairly predictable. Unfortunately, it’s quite possible for a cyber thief to produce a likely match to both codes by generating a relatively small number of answers (say 65,536).
Using this approach, a cyber thief can obtain the IP address for XYZ Bank's home page and its expiration date, get the local name server to replace the correct address with his own, and communicate the false information to customers. Ultimately, customers seeking XYZ Bank will be directed to the hacker’s computer. Assuming he runs a convincing imitation of the bank's sign-in page, customers will not realize that they are handing their confidential information over to a fake.
Similar flaws plague other Internet protocols, such as the Border Gateway Protocol (BGP), which governs the pathways followed by data packets on the Internet. They also affect the Dynamic Host Configuration Protocol (DHCP), which roaming computers use to find network resources when they connect in new locations. For example, if you’re sitting in a café and want to open a connection to the local wireless router, your laptop broadcasts a query for the server to identify itself, and DHCP directs your laptop to accept the first response it gets. If a hacker sitting across the room can fire off a reply before the café’s router does, your laptop will be joined to his. Everything will seem normal to you, but his computer can record your communications and covertly direct you to malicious sites.
Such vulnerabilities imperil more than individuals and commercial institutions. Secure government and military installations can be compromised this way, too. And indeed there have been cases in which these loopholes allowed records to be altered and data to be stolen.
How Did We Get Here?
The reasons for our current state of insecurity are partly historical. The predecessors of today's protocols were developed 35 years ago when the Internet was a research network and there was no need to safeguard against malicious entities. The Internet has since opened up and grown explosively, but we have not developed stronger security. The protocols in place take for granted that the billions of people and devices online are both competent and honest.
Fixing the Internet protocols will be a formidable challenge. Some improvements are relatively simple to imagine—for example, switching to identification codes that use more than 16 bits—but would involve considerable work for global adoption. Techniques for authenticating that messages come from the proper parties are well developed, but those technologies are not necessarily fast enough to be embedded in all the routers on the Internet without bringing traffic to a crawl or forcing prohibitive investments in new equipment.
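To make the arithmetic behind those 16-bit codes concrete, the following is an added example (not from the original article) that models the only acceptance check the protocol gives a resolver, the reply must echo the query's transaction ID and arrive at the query's source port, and computes how often a burst of forged replies is accepted with a 16-bit ID alone versus an ID plus a randomized 16-bit port. The resolver model, the fixed port number and the reply budget are constructed for illustration.

```python
import random

TXID_BITS = 16                 # DNS transaction ID width fixed by the protocol
PORT_BITS = 16                 # UDP source port width
ARTICLE_REPLY_BUDGET = 65_536  # number of forged answers the article assumes


def effective_entropy_bits(port_randomized: bool) -> int:
    """Bits a forged reply must match. The transaction ID always counts; the
    source port only counts if the resolver randomizes it instead of reusing one."""
    return TXID_BITS + (PORT_BITS if port_randomized else 0)


def spoof_success_probability(entropy_bits: int, forged_replies: int) -> float:
    """Chance that at least one of `forged_replies` distinct guesses equals a
    uniformly random identifier of `entropy_bits` bits before the real answer."""
    return min(1.0, forged_replies / 2 ** entropy_bits)


def resolver_accepts(outstanding: tuple[int, int], reply: tuple[int, int]) -> bool:
    """Acceptance check modelled on the protocol: (transaction ID, port) must match."""
    return outstanding == reply


def simulate_poisoning_rate(forged_replies: int, port_randomized: bool,
                            trials: int = 400, seed: int = 7) -> float:
    """Monte Carlo estimate of the fraction of queries poisoned by a burst of
    `forged_replies` distinct guesses. Constructed model, not live traffic."""
    rng = random.Random(seed)
    fixed_port = 53  # constructed: stands for a resolver that never varies its port
    poisoned = 0
    for _ in range(trials):
        txid = rng.randrange(2 ** TXID_BITS)
        port = rng.randrange(2 ** PORT_BITS) if port_randomized else fixed_port
        outstanding = (txid, port)
        # A predictable port is simply known; a randomized one can only be guessed.
        port_guess = rng.randrange(2 ** PORT_BITS) if port_randomized else fixed_port
        ids = rng.sample(range(2 ** TXID_BITS), forged_replies)
        poisoned += any(resolver_accepts(outstanding, (i, port_guess)) for i in ids)
    return poisoned / trials


if __name__ == "__main__":
    for randomized in (False, True):
        bits = effective_entropy_bits(randomized)
        print(f"{bits}-bit identifiers, {ARTICLE_REPLY_BUDGET} forged replies: "
              f"P(accepted) = {spoof_success_probability(bits, ARTICLE_REPLY_BUDGET):.2e}")
```

With the article's budget of 65,536 replies the 16-bit case is certain to succeed, while the 32-bit case drops to about 1.5e-5, which is the quantitative reason for the "more than 16 bits" remedy above.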
For these reasons and more, in its February 2005 report, President Bush’s Information Technology Advisory Committee (PITAC), of which I was a member, strongly recommended increased federal funding for basic research into cyber security. The Department of Homeland Security currently devotes only one-tenth of 1 percent of its research budget to this concern.
The Defense Advanced Research Projects Agency (DARPA) used to fund this kind of work more generously, but its current focus is narrower and its research on cybersecurity is classified, limiting the amount of research that can be conducted at universities and inhibiting the transfer of technology to industry. The National Science Foundation (NSF) also studies the problem in a limited fashion. And, although industry takes the problem seriously, inadequate profit incentives discourage companies from aggressively developing broad-based solutions.
Even when better protocols are in hand, convincing the world to accept them is challenging. No central governing body rules the Internet, and standards bodies have been largely ineffective in getting parties to adopt adequate security specifications. The situation is further complicated by the fact that national governments differ in their views of how the Internet should be run, and many key Internet players argue against any government intervention at all.
What is clear is that cyber security deserves immediate, sustained attention. As noted in the PITAC report, “the IT infrastructure … is highly vulnerable to terrorist and criminal attacks. It is imperative that we take action before the situation worsens and the cost of inaction becomes even greater.”
________________________
About the author:
Dr Leighton is co-founder and chief scientist of Akamai Technologies and professor of applied mathematics at the Massachusetts Institute of Technology.