Microsoft Commits to Improve Routing Security by Joining an Initiative

Microsoft has recently joined the Mutually Agreed Norms for Routing Security (MANRS) initiative, according to a MANRS release.

In its release, MANRS acknowledged the need to enhance routing security. The Internet Society-supported community said around 12,600 routing outages or incidents took place last year alone.

ADVERTISEMENT

These incidents include route hijacking and leaks that resulted in large-scale Distributed Denial of Service (DDoS) attacks. The attacks also led to stolen data, lost revenue and damage to company reputation and more adverse effects.

Microsoft's Commitment to Security

Yousef Khalidi, Corporate Vice President at Microsoft's Azure Networking unit, emphasized the tech giant's commitment to enhancing increasing cybersecurity. Joining the community would allow the company to address the challenges related to routing security.

Khalidi also said Microsoft is also partnering with Internet Society, the Cybersecurity Tech Accord and other initiatives. Participation with these initiatives will enable the company to examine how players beyond network operators and IXPs can help improve routing security.

ADVERTISEMENT

Meanwhile, an Internet Society officer explained the need for tech giants like Microsoft to partake in improving routing security.

Olaf Kolkman, Chief Internet Technology Officer at the Internet Society, said routing incidents take place globally. Hence, one operator’s routing issues can impact others. Not only that, but the security of the entire Internet can also be compromised.

Because of this, the safety of Microsoft and other network operators hinges on routing security, he added.

ADVERTISEMENT

State of Routing Security

At present, the global routing system is vulnerable to malicious threats. These safety risks include DDoS attacks, spamming and data theft.

What's more, routing incidents have a profound impact globally whether it’s a planned attack or only a configuration mistake. Worse, in many cases, they are difficult to detect.

An example of a security breach took place last year. A routing leak by a Nigerian ISP led to the misrouting of some of Google’s traffic through China. This incident caused outages in many parts of the world.

The same breach also allowed an ISP from Indonesia to hijack prefixes of multiple US payment processing companies. As a result, sensitive data has been re-routed for 30 minutes.

Routing Security Improvement

But because of the MANRS and other efforts, last year saw an improvement in routing security. Total incidents of outages or attacks such as route leaks and hijacks decreased by 9.6% at 12,600. However, the ratio of outages versus routing security incidents was unchanged at 62/38.

Improvement in other areas of routing security was also evident in 2018. Approximately 4.4% of all Autonomous Systems on the Internet were affected, a decrease of 1% from 2017. Likewise, only 2,737 autonomous systems became a victim of at least one routing incident, down by 12%.

No posts to display