Tag Archive for: ‘routing’

Open-source Leader Advocates Strong FCC Enforcement of Routing Security

/in


The Federal Communications Commission should consider imposing comprehensive tests and fines—after fair warning and guidance—to ensure internet service providers are taking minimal steps to protect the global internet routing system from malicious hackers, according to comments a leader in the open-source security community submitted to the agency.

“Voluntary compliance has failed to ensure compliance with even basic measures; companies have negligently allowed hijacking for decades, even when well-known and practical countermeasures exist,” wrote David Wheeler, director of open source supply-chain security for the Linux Foundation. “The FCC should establish a testing regime to ensure that Internet routing, if depended on by others, strongly resists hijacks using currently practical measures such as [Resource Public Key Infrastructure]”

Comments were due Monday in response to an inquiry the FCC made on the issue in the wake of the Russia-Ukraine conflict. The commission is concerned about hackers’—particularly powerful nation-state actors’—ability to manipulate the Border Gateway Protocol to redirect internet traffic by pretending to offer a more efficient network path. Resource Public Key Infrastructure, or RPKI, refers to a system of certificates and cryptographic attestation for stakeholders to validate the origin and authorize the route internet traffic should take. 

In response to the FCC asking about the extent to which network operators have implemented available security measures, Wheeler pointed to a test established by the content distribution network Cloudflare. The test is a simple red-team exercise that advertises a route known to be spurious. Cloudflare committed to implementing RPKI in the fall of 2018.   

“Those US organizations who fail should be notified, provided guidance on how to fix the problem, & given a grace period … to (re)gain compliance,” Wheeler said. “After the grace period there need to be incentives for failing US organizations to change to implement at least minimal efforts … These incentives should include grants if the organization is a not-for-profit, publishing a list of non-compliant entities, and then…

Source…

Largest mobile SMS routing firm discloses five-year-long breach

/in


SMS routing firm Syniverse discloses a five-year-long breach

Syniverse, a service provider for most telecommunications companies, disclosed that hackers had access to its databases over the past five years and compromised login credentials belonging to hundreds of customers.

Self-described as “the world’s most connected company,” Syniverse provides text messaging routing services to over 300 mobile operators, among them Vodafone, AT&T, T-Mobile, Verizon, America Movil, Telefonica, and China Mobile.

Syniverse is so big that it brags about having as its customers “nearly every mobile communications provider, the largest global banks, the world’s biggest tech companies.”

Breach tracked to May 2016

In a filing on September 27 with the U.S. Securities and Exchange Commission (SEC) spotted by Motherboard journalist Lorenzo Franceschi-Bicchierai, Syniverse disclosed that an unauthorized party accessed on several occasions databases on its network.

When the company became aware of the intrusions in May 2021, an internal investigation began to determine the extent of the hack.

“The results of the investigation revealed that the unauthorized access began in May 2016,” the company reveals in the SEC filing.

For five years, hackers maintained access to Syniverse internal databases and compromised the login data for the Electronic Data Transfer (EDT) environment belonging to about 235 customers.

“All EDT customers have been notified and have had their credentials reset or inactivated, even if their credentials were not impacted by the incident. All customers whose credentials were impacted have been notified of that circumstance” – Syniverse

Huge node for mobile communications

The company notes that its investigation did not reveal intent to disrupt operations or to monetize from the intrusion.

Even if the investigation did not find any evidence, the company does not exclude the possibility of data exfiltration, which could impact its business, employees, customers, suppliers, and vendors, and could also lead to a future cyber attack.

From its role as an intermediary between mobile carriers, it is easy to infer the type of data the hackers could access by breaching Syniverse: at least details about the source, destination,…

Source…

Activating validation services for route origin, TWNIC continues to safeguard Internet routing security with RPKI

/in

People are growingly reliant on the Internet for work, school and daily activities. The impact to people’s life will be unthinkable should the Internet suddenly stop working. Border Gateway Protocol …
internet security – read more

MANRS Launches New Online Tool to Monitor State of Internet Routing Security

/in

MANRS Launches New Online Tool to Monitor State of Internet Routing Security Business Wire WASHINGTON — August 13, 2019 The Mutually Agreed Norms for Routing Security (MANRS) initiative, today …
internet security – read more