Andrei Robachevsky

Andrei Robachevsky

Senior Technology Programme Manager at Internet Society
Joined on August 31, 2015
Total Post Views: 57,807

About

Andrei Robachevsky joined the Internet Society in March 2011. He is the Senior Technology Programme Manager.

Andrei’s primary area of interest is security and resilience of the Internet infrastructure. This work is based on active engagement with the operator, research and policy communities.

Prior to joining ISOC, Andrei was Chief Technical Officer of the RIPE NCC, leading the development of company’s IT strategy, external and internal IT services, and work of the engineering departments. He was responsible for the deployment of DNSSEC for the reverse DNS tree and deployment of anycast instances of the K-root DNS server.

Andrei brings to the Internet Society more than 10 years experience in the Internet technical community. For more than a decade he is actively following Regional Internet Registry (RIR) and Internet Engineering Task Force (IETF) activities. He was Chair of the Number Resource Organization’s (NRO) Engineering Coordination Group (ECG), which is responsible for various technical inter-RIR activities and projects. In 2010-2012 Andrei was a member of the Internet Architecture Board (IAB).

Andrei is based in Amsterdam, The Netherlands.

Except where otherwise noted, all postings by Andrei Robachevsky on CircleID are licensed under a Creative Commons License.

Featured Blogs

MANRS Observatory: Monitoring the State of Internet Routing Security

Routing security is vital to the future and stability of the Internet, but it's under constant threat. Mutually Agreed Norms for Routing Security (MANRS) is a global initiative, driven by the networking community and supported by the Internet Society, aiming to reduce the most common threats to the Internet's routing system through technical and collaborative action. more

Routing Security - Getting Better, But No Reason to Rest!

In January 2018, I looked back at 2017 to figure out how routing security looked globally and on a country level. Using the same metrics and methodology, I've recently taken a look at 2018 to see if we're making improvements. The good news is, it seems like the routing system is doing better! But there is still much work to be done. Using BGPStream.com, a great public service providing information about suspicious events in the routing system, I analyzed the number of incidents... more

A Year in Review: 14,000 Routing Incidents In 2017

How was the state of the Internet's routing system in 2017? Let's take a look back using data from BGPStream. Some highlights: 13,935 total incidents (either outages or attacks like route leaks and hijacks); Over 10% of all Autonomous Systems on the Internet were affected; 3,106 Autonomous Systems were a victim of at least one routing incident; 1,546 networks caused at least one incident. more

Can We Really Blame DNSSEC for Larger-Volume DDoS attacks?

In its security bulletin, Akamai's Security Intelligence Response Team (SIRT) reported on abuse of DNS Security Extensions (DNSSEC) when mounting a volumetric reflection-amplification attack. This is not news, but I'll use this opportunity to talk a bit about whether there is a trade-off between the increased security provided by DNSSEC and increased size of DNS responses that can be leveraged by the attackers. more

Can We Stop IP Spoofing? A New Whitepaper Explores the Issues

In March 2013, Spamhaus was hit by a significant DDoS attack that made its services unavailable. The attack traffic reportedly peaked at 300Gbps with hundreds of millions of packets hitting network equipment on their way. In Q1 2015, Arbor Networks reported a 334Gbps attack targeting a network operator Asia. In the same quarter they also saw 25 attacks larger than 100Gbps globally. What is really frightening about this is that such attacks were relatively easy to mount. more