“Online security must preserve the Internet’s open nature”
17/04/2013
As the Internet gains importance in people’s daily lives and becomes more and more relevant in global economic activity, new and complex challenges arise as we face increasingly sophisticated attempts to violate Web security.
Latin America and the Caribbean are no exception to these global threats, which affect both end-users as well as the infrastructure of regional organizations, businesses and governments.
Carlos Martinez, R&D Engineer at the Internet Address Registry for Latin America and the Caribbean (Lacnic), admitted he has noticed a growing trend in activities trying to undermine Internet security worldwide, but highlighted the work Lacnic is carrying out together with the regional technical community to respond to and mitigate the impact of such incidents.
He noted that Lacnic works towards an open, stable and secure Internet, implementing initiatives and providing tools to respond to key regional security problems.
In your opinion, what are the five most common security issues at global and regional level?
We should separate threats directly affecting “end-users,” i.e. people in their homes, workplaces or on their mobile devices, from threats that can affect commercial or government infrastructure.
For end-users, the greatest threats are still undoubtedly the different forms of malicious software (malware), online fraud and identity theft (phishing) in its various forms, and unsolicited email (spam). Spam often operates as a vehicle or vector for other threats, such as links to compromised websites or other forms of fraud.
For companies and governments, the major threats are the so-called denial of service attacks (DoS). It is important to note, however, that both malware and fraud can also affect companies. In particular, Trojans, i.e. software applications that appear to perform a desirable function but instead serve a malicious purpose, are a common attack vector.
A disturbing new trend that is emerging is known as “APT” (Advanced Persistent Threats). The term APT refers to attacks that persistently target a specific entity and are led by skilled and well-funded operators.
Is it possible to quantify the losses caused by computer security incidents in Latin America?
These losses are very difficult to quantify. A study conducted in 2011 estimates them somewhere around 90 billion but, again, it is very difficult to estimate this figure.
One of the reasons this is so difficult is that, often in order to preserve their image, some institutions do not report an incident to its full extent or do not report every attack of which they are a victim.
How important is collaboration between public and private, national and international stakeholders to mitigate computer security incidents in Latin America and the Caribbean?
Lacnic cooperates with the region’s technical community as well as with other stakeholders in order to respond to and mitigate the impact of these incidents.
Lacnic’s new mission and vision include working towards an open, stable and secure Internet, so we at our organization try to implement initiatives and provide services that will help improve the way in which investigators do their job.
Lacnic, for example, in its role as Regional Internet Address Registry maintains the database known as WHOIS, the place of first resort for investigators analyzing security incidents.
In terms of capacity building, Lacnic assigns great importance to security issues and has, among other things, created the Amparo project (training on CSIRT creation and operation) and provided a specific venue for discussing security issues at the organization’s annual event (LACSEC).
As to securing network infrastructure, Lacnic works hard to promote the use and deployment of technologies such as DNSSEC and RPKI (resource certification) which help eliminate potential Internet infrastructure weaknesses.
In addition, every government in our region has taken not of the importance of cybersecurity and we are seeing various initiatives being implemented throughout the region.
Can those responsible for cyber attacks be prosecuted?
The transnational nature of these incidents continues to present challenges when trying to locate the people behind them.
This task requires more and better international coordination efforts, a process that is taking place gradually, as judges and other stakeholders begin to better understand how the Internet works and the dynamics of all those involved.
Can you describe actual incidents involving cybercriminals in the region and the actions that were taken in such cases?
It is sometimes difficult to gather accurate information on actual incidents, as preserving the victims’ privacy and not compromising ongoing investigations is often a priority.
In particular, I recall two cases that illustrate examples of best practices and coordinated work. The first was a phishing incident (password theft) specifically targeting well known public personalities; the other, a distributed denial of service attack against a government’s website.
The first case was identified by the police, who sought the cooperation of local security experts and established a solid foundation that allowed the case to be solved.
In the second case, the victim organization worked closely with its ISP and the security experts community, on the one hand, to try to identify the source of the attack and, on the other, to mitigate its effects.
The Internet’s impact on people’s lives will continue to grow. What are the challenges for improving Internet security while, at the same time, improving the exercise of individual rights online?
We must not allow security threats and risks present on the Internet to become an obstacle for conducting online activities, whether commercial or not. ‘Trust’ in the Web is as fragile as trust in public security, and we must work hard to preserve it.
We must never, however, lose sight of the importance of preserving the original features that made the Internet the engine for development that it is today. In particular, any work on Internet security should consider preserving the Web’s open nature.
Finally, as digital citizens, it is our duty to exercise our rights with responsibility.