In today’s world, businesses rely on stable and secure communication online. Many small and medium enterprises communicate with subcontractors and business partners on a daily basis, often across national borders. While the internet has largely facilitated communication, it has also exposed business operations to new vulnerabilities.
User experience issues
In order to communicate with business partners or for remote employees to access the internal business network, companies usually rely on the public internet. When information is exchanged between two different locations, there is no control over which internet service providers (ISPs) the data is routed through to reach its final destination. The misconfiguration of routing tables by ISPs can lead to accidental rerouting of web traffic, causing major communication delays. Such misconfigurations are common and often go unnoticed.
It remains unclear how an ISP determines the routes for customers’ data packets. Some ISPs may opt for the cheapest, but geographically longer, route. Others may choose the shortest, yet most expensive, route to forward data packets. While the cheapest route may perform well enough for anti-virus updates or email communication, it may not be good enough for video conferences with remote participants. Since customers have no control over their ISP’s routing preferences, the ISP may not necessarily choose the most appropriate route with regard to the customer’s needs.
Network security issues
Man-in-the-Middle Attacks
While most BGP misconfigurations are accidental, they can also be used strategically by hackers who perform so-called “man-in-the-middle” attacks. An attacker can change the path of a data packet and reroute it to their own network, which is commonly known as route hijacking. This allows the attacker to steal credentials or eavesdrop on the traffic. The resulting unavailability of a service or compromised data can amount to huge financial losses for a company. In 2017, attackers rerouted online customers of a Brazilian bank to a reconstructed fake website where customers unknowingly handed over their credentials.
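Because such rerouting often goes unnoticed, a network owner can watch public route announcements for its own prefixes. The following is an added example, not part of the original article: it checks constructed announcements against an assumed baseline of expected origin AS numbers, using documentation prefixes and made-up AS numbers.

```python
import ipaddress

# Constructed baseline (assumption): prefixes the organisation originates and
# the AS numbers that are allowed to announce them.
EXPECTED_ORIGINS = {
    "203.0.113.0/24": {64500},
    "198.51.100.0/24": {64500, 64501},
}

# Constructed announcements as a route collector might report them:
# (prefix, AS path). The last AS in the path is the origin.
SAMPLE_UPDATES = [
    ("203.0.113.0/24", [64510, 64505, 64500]),   # legitimate
    ("203.0.113.0/24", [64510, 64666]),          # same prefix, foreign origin
    ("203.0.113.128/25", [64511, 64666]),        # more-specific, foreign origin
    ("198.51.100.0/25", [64510, 64501]),         # more-specific, known origin
    ("192.0.2.0/24", [64510, 64520]),            # not one of our prefixes
]


def classify(prefix, as_path, expected=EXPECTED_ORIGINS):
    """Return 'ok', 'unmonitored' or an alert label for one announcement."""
    announced = ipaddress.ip_network(prefix)
    origin = as_path[-1]
    for own_prefix, origins in expected.items():
        own = ipaddress.ip_network(own_prefix)
        if announced.version != own.version:
            continue
        if announced == own:
            return "ok" if origin in origins else "origin-mismatch"
        if announced.subnet_of(own):
            # A more-specific route wins longest-prefix matching, so it pulls
            # traffic away even while the legitimate route is still announced.
            if origin in origins:
                return "unexpected-more-specific"
            return "more-specific-origin-mismatch"
    return "unmonitored"


def alerts(updates, expected=EXPECTED_ORIGINS):
    """Return (prefix, origin AS, label) for every suspicious announcement."""
    found = []
    for prefix, as_path in updates:
        label = classify(prefix, as_path, expected)
        if label not in ("ok", "unmonitored"):
            found.append((prefix, as_path[-1], label))
    return found
```

An origin mismatch can be an accidental misconfiguration as well as a hijack, so each alert needs to be checked with the announcing network before it is treated as an attack.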
A distributed denial of service (DDoS) attack is a way to disrupt the traffic of a targeted server or network with the aim of bringing down a website or specific web service. The attacker overwhelms the target’s website with messages, requests for connections, or fake packets, such that access to the targeted website is temporarily restricted. DDoS attacks are very precise in targeting specific websites, and it is difficult to trace the source of the attack. In 2016, hackers targeted the Swiss Federal Railways (SBB), resulting in the slowdown of online timetables and inaccessibility of the website for several hours. Sometimes, attackers use smaller attacks that degrade a website’s performance to infiltrate the network while the company’s security team is trying to address the DDoS attacks. Overall, DDoS attacks have increased in number, volume, and length over the last two years.
How to address network issues?
It is difficult for companies to address network security problems, as they rely on the ISPs that are responsible for routing their traffic. Once a message leaves the company, the company gives up substantial control over how this message is routed to its final destination. The SCION-Fabric, enabled by Anapaya, offers full transparency and control over the routes and allows the sender to determine through which ISPs traffic should be routed. In collaboration with ISPs, companies can hence adjust the routes to their own needs, for instance by preventing traffic from being routed through specific countries. This also reduces the risk of DDoS attacks, as it is unlikely that all different paths will be attacked at the same time. In order to further reduce such risk, business partners could send each other information about “hidden paths”: these hidden paths are not public and therefore assure business continuity for specific “peers” that agreed to exchange information through these hidden paths.
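To make the idea of sender-side path control concrete, here is an added illustration that is not Anapaya or SCION code and does not use their APIs. It applies a deny-list policy to constructed candidate paths, then picks a primary and a backup that share no ISP. The `Path` structure, ISP names, country codes and latencies are all assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    name: str
    hops: tuple          # ((isp, country_code), ...) in forwarding order
    latency_ms: float


# Constructed candidate paths between two sites; every value is made up.
CANDIDATES = [
    Path("p1", (("isp-a", "CH"), ("isp-x", "XX"), ("isp-d", "DE")), 18.0),
    Path("p2", (("isp-a", "CH"), ("isp-b", "FR"), ("isp-d", "DE")), 24.0),
    Path("p3", (("isp-c", "CH"), ("isp-e", "AT"), ("isp-f", "DE")), 31.0),
    Path("p4", (("isp-c", "CH"), ("isp-b", "FR"), ("isp-f", "DE")), 27.0),
]


def compliant(paths, deny_countries=frozenset(), deny_isps=frozenset()):
    """Return the paths with no denied ISP or country, fastest first."""
    allowed = [
        p for p in paths
        if not any(isp in deny_isps or cc in deny_countries
                   for isp, cc in p.hops)
    ]
    return sorted(allowed, key=lambda p: p.latency_ms)


def pick_primary_and_backup(paths, **policy):
    """Pick the fastest compliant path and a backup sharing no ISP with it."""
    ranked = compliant(paths, **policy)
    if not ranked:
        # Fail closed: never fall back to a path that violates the policy.
        raise LookupError("no path satisfies the policy")
    primary = ranked[0]
    used = {isp for isp, _ in primary.hops}
    # A backup that avoids the primary's ISPs stays usable if one of those
    # ISPs is attacked or misrouted.
    backup = next(
        (p for p in ranked[1:]
         if used.isdisjoint(isp for isp, _ in p.hops)),
        None,
    )
    return primary, backup
```

With country `XX` denied, the fastest path `p1` is rejected, `p2` becomes the primary and `p3` the backup, because `p4` shares `isp-b` with `p2`.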