Strategy to improve Internet Security in Sweden - PowerPoint PPT Presentation

Transcript and Presenter's Notes

Title: Strategy to improve Internet Security in Sweden


1
Strategy to improve Internet Security in Sweden
  • ITU-T SG 17
  • Geneva Dec 12, 2006
  • Christoffer Karsberg
  • Network Security Department
  • National Post and Telecom Agency (PTS)
  • christoffer.karsberg_at_pts.se

2
Purpose of this presentation
  • Point out important strategic positions and
    action points
  • Food for thought to SG17 work with security
    issues
  • Encourage other countries to bring forth
    strategies regarding Internet robustness

3
Assignment from the Government
  • Strategy to improve Internet security in Sweden,
  • including an action plan,
  • division of responsibility and
  • the management of the strategy.
  • Delivery July 30, 2006
  • The strategy in English may be downloaded from
  • http://www.pts.se/Archive/Documents/EN/Strategy_Internet_security_2006_12_July_2006.pdf

4
Aim
  • The aim of the strategy is to facilitate and
    clarify future work to secure the infrastructure
    of the Internet in Sweden.

5
Scope of the Strategy: The infrastructure used by the Internet
  • Application level: User's equipment, services, information
  • IP level (Internet): Internet operator's network service to user
  • Transmission level: Several logical connections for data
    communications and telecommunications
  • Cable level: Cables (for example 'optical fibre', copper wire)
    and antennae

6
Vision
  • The vision is that in ten years the Internet will
    be secure, rapid and have high accessibility

7
Goal
  • To secure critical functions in the Internet
    infrastructure that, if not maintained,
    would cause substantial disruption or
    interruption and in this way
    impede or prevent the use of the Internet
    for large groups of individual users or for vital
    public businesses, authorities or organisations.

8
Why a national strategy for Internet Security?
  • Internet is becoming crucial for national society
  • Important to have a regional feel and heading for
    the area
  • Several national strategies could constitute
    building blocks for international strategies

9
Trends and threat profiles
  • Society is becoming increasingly dependent on the
    Internet
  • Society is becoming increasingly vulnerable to IT
    attacks
  • Vulnerabilities in protocols and programs are
    increasingly being discovered
  • Laws, legal proceedings and policies do not keep
    in pace with developments and globalisation

10
Trends and threat profiles
  • Convergence in networks, terminals and services
    is continuing to increase
  • Inadequate security in user environments
    constitutes an ever-increasing risk
  • The competence gap is widening in pace with
    increased complexity
  • Developments in the market involve increased
    internationalisation
  • More wireless networks and services

11
Strategic positions adopted
  • The physical infrastructure of the Internet
    should be protected against accidents,
    disruption, wiretapping and manipulation of
    information during transmission
  • Resistance to disruption in the domain name
    system should be increased
  • Resistance to disruption to the exchange of
    traffic between Internet operators should be
    increased
  • Users and buyers should be trained and informed
    to enhance security awareness

12
Strategic positions adopted (contd.)
  • The assumption of responsibility for user
    security should increase among Internet operators
    and the providers of software and equipment
  • National awareness of Internet infrastructure
    should be promoted. This should be done in a
    broader context regarding information security.
    The comprehensive approach and coordination of
    research should be improved
  • Swedish participation in international fora
    should be increased. This should be done in
    collaboration between the private and public
    sector
  • Crisis management regarding the Internet
    infrastructure should be improved

13
Action Plan
  • 23 actions/suggestions in total
  • Within the framework of the strategic positions

14
Measures 5, 3 and 1, ongoing and planned: Produce recommendations to
[Figure: Users, AS, Content providers. Image courtesy of Computer History Museum]

15
Consequences if Inter-domain routing fails
  • ISP network unreachable, customers unable to
    reach the rest of the Internet
  • Larger part of the Internet unreachable
  • Traffic could be redirected to wrong network or
    to a black hole

16
Why pay attention to BGP?
  • Border Gateway Protocol (BGP) is the basis for
    all routing between the Autonomous Systems that
    make up the Internet
  • BGP is highly vulnerable to human errors, as well
    as a wide range of malicious attacks
  • ISPs need improved Best Common Practices and need
    to make use of them on a global level
  • Threats will increase; serious attacks will
    happen
  • We need a comprehensive security solution!

17
Measure 2, planned: Promote the use of DNSSEC in name servers

18
Why DNSSEC?
  • The use of and dependence on DNS will increase
  • DNSSEC is a feasible way to achieve increased
    trust in the DNS and the Internet as a whole.
  • DNSSEC must be implemented in TLDs and Second
    Level Domains in the first place
  • When this has happened, enterprises,
    organisations and authorities can get security
    aware servers for secure address resolving

19
Measure 11, suggestion: Provide the Internet operators with a legal
possibility to prevent the spreading of harmful traffic

20
The change of the law would mean that
  • ISPs get a legal possibility to take emergency
    measures in the form of filtering of electronic
    messages that jeopardise the service or the
    function of the network, for instance DDoS attacks
  • Should be combined with an obligation to inform
    the affected subscriber
  • Today there must be consent by the subscriber

21
Measure 4, ongoing: Provide information about vulnerabilities
The Swedish IT Incident Centre (SITIC)
  • Provides information about vulnerabilities and
    threats to the public and business sector

22
Measure 7, suggestion: Educate trainee teachers in Internet security

23
Measure 8, suggestion: Further develop PTS's website for Internet security

24
Measure 12, suggestion: Investigate the requirements for increased
responsibility for providers of equipment and software

25
Measure 21, planned: Produce a coordinated continuity plan for the
Internet infrastructure in Sweden

26
The management of the Strategy
  • Changes in the strategic positions
      • are decided upon by the Government
      • are updated by PTS
  • Updates in the action plan
      • are decided upon by PTS
      • are done by PTS every second year
  • Status in the action plan
      • is reported together with the annual report

27
Discussion Points
  • In what way could this strategy be beneficial to
    your work with security?
  • In what way does your work correspond with the
    thoughts of the strategy? Security baseline?
  • Are there any thoughts regarding the measures?
  • Could secure inter domain routing be of interest?
  • How is the society perspective represented in
    your standardisation work?