Recently in Security Category

We can confirm reports of significant but sporadic Internet outages in the Palestinian Territories today.  As many as half of the routed networks of the Palestinian Territories were unreachable (withdrawn from the global routing table), possibly as a result of reported cyber attacks.  These outages are the largest we have observed all year for this country, which normally has a fairly stable Internet.  Impacted networks are located in both the West Bank and Gaza Strip.

Hurricane Irene knocked out power to millions of homes and businesses as it travelled up the US East Coast this weekend. Even as the winds subsided, torrential rains triggered savage flooding throughout Eastern New York state and Vermont, tearing up roads and exposing the telecommunications infrastructure to further risks. The storm's impacts were clearly visible in the Internet's global routing table, as tens of thousands of networks were cut off from the rest of the world.

Here are a couple screenshots from our Internet Health Portal, which we provide to the US Computer Emergency Readiness Team (US-CERT). During an emergency like Hurricane Irene, this tool provides the US-CERT with critical information about the availability of Internet services across America. Working from lists of impacted customers in each state and county, and lists of correlated outage events, we can supply a lot of useful information about the problems being experienced by enterprises in the affected area. That information can be passed along to state and local governments to aid in prioritization of disaster relief.

Last week, we looked at the problem of incorrect DNS answers emanating from China and the potential impact on Internet users outside the country. In this blog, we'll consider a proposed and partially implemented solution (DNSSEC) and the broader problem of hosting global services in any country known to tamper with Internet traffic. We'll even suggest a rating system from one to five stars for evaluating countries, and we'll note that while the US was once a 5 on this scale (highest rating), it is currently a 4 and might be headed to a 3 or 2. In general, the direction for the world seems to be for a less open and more censored Internet, and that is the truly unfortunate part of this story.

There's been sudden interest recently in a Chinese route hijacking incident that occurred way back in April, brought about by a new report to the US Congress that highlighted the event (see pages 236-247). A second Chinese event, also in the report, has received almost no attention despite being much more interesting (technically, anyway). A Chinese DNS censorship incident occurred just one month earlier, in March, and although we already presented an analysis of that event (here and here), today we'll provide an update on the incident and its scope. But first, let's step back and get some context on events such as these, and see if the hype is warranted.

Did China's government really divert 15% of the Internet's traffic for eighteen minutes in April, effortlessly intercepting sensitive traffic in flight, and generally creating a massively embarrassing man-in-the-middle attack on vulnerable global communications?

Well, yes and no. Mostly no.

Yes, this event really happened. No, it probably wasn't a deliberate attack, or if it was, it wasn't a very effective one, compared to what might have happened, but that's where the story tends to bog down in technical detail and lose most readers.

Bear with me for a few minutes. There are several fragments of truth floating around this story, but they get more confused with each retelling. Let's lay out what's known, and then you can draw your own conclusions.

Afghans headed to the polls today for parliamentary elections in a tense but hopeful atmosphere. If the Internet has a role to play this year in helping Afghanistan develop a peaceful civil society, it will probably turn on two key developments: cheap GPRS Internet delivered over mobile phones, and strong relationships with neighboring states to provide Internet transit.

In today's followup to last week's blog, we present the evidence we see in the global Internet routing tables for a strengthening technical relationship between the Tehran and Kabul governments. In Afghanistan, as in Iraq, Iran now sees an opportunity to export influence by exporting its technological infrastructure.

Until this year, Iranian companies participated in the Internet primarily as consumers of international bandwidth. In 2010, however, they have expanded their scope. Earlier this year the Iranian state telecommunications company began providing Internet transit services in Afghanistan and Iraq, acting as a carrier for both commercial and government traffic. Over the next few days, we'll take a look at this interesting evolution, and speculate a bit about what it might mean for the growth of the Eurasian Internet.

We've all heard about the wonders of cloud computing. Take your corporate web server, your email servers, your calendar software and even your business plans and other important documents and throw them all into "the cloud". No more finicky hardware to maintain, buggy software to patch or data backups to worry about. Outsource all of those headaches and enjoy reading your email from the beach on your phone.

Of course, nothing is ever that simple. Like any outsourced solution, you will need to perform due diligence. Is your cloud service provider technically and financially sound? Have they acquired sufficient diversity with respect to their Internet connectivity? Do they comply with all applicable regulations for your jurisdiction? Are there potential physical problems at their hosting locations, such as exposure to the threat of earthquakes or hurricanes? You can probably figure all of this out. But there is another threat that your due diligence will certainly fail to expose: the threat of your cloud neighbors. If you end up with the wrong ones, you may suffer as a result of their bad behavior or simply because of the content they host. This blog examines a few examples of this potential problem.