Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
One of the most striking and enduring dichotomies in the conceptualization of electronic communication networks is summed up in the phrase "the Internet as weapon." With each passing day, it seems that the strident divergence plays in the press -- the latest being Tim's lament about his "web" vision being somehow perverted. The irony is that the three challenges he identified would have been better met if he had instead pursued a career at the Little Theatre of Geneva and let SGML proceed to be implemented on OSI internets rather than refactoring it as HTML to run on DARPA internets. more
The U.N. General Assembly has approved a resolution to start the process of drafting a new international treaty against cybercrime despite objections from the European Union, the United States and other countries. The Russian-drafted resolution received approval from a 193-member world body with a vote of 79-60 and 33 abstentions. more
The AntiPhishing Working Group (APWG) in a letter to ICANN has expressed concern that the redaction of the WHOIS data as defined by GDPR for all domains is "over-prescriptive". more
The Internet has two billion global users, and the developing world is just hitting its growth phase. Mobile data traffic is doubling every year, and soon all four billion mobile phones will access the Net. In 2008, according to a new UC-San Diego study, Americans consumed over 3,600 exabytes of information, or an average of 34 gigabytes per person per day. Microsoft researchers argue in a new book, "The Fourth Paradigm," that an "exaflood" of real-world and experimental data is changing the very nature of science itself. We need completely new strategies, they write, to "capture, curate, and analyze" these unimaginably large waves of information. more
Geoff Huston's recent post about the rise of DNS amplification attacks offers excellent perspective on the issue. Major incidents like the Spamhaus attack Geoff mentions at the beginning of his post make headlines, but even small attacks create noticeable floods of traffic. These attacks are easy to launch and effective even with relatively modest resources and we see evidence they're occurring regularly. Although DNS servers are not usually the target of these attacks the increase in traffic and larger response sizes typically stress DNS infrastructure and require attention from operation teams. more
What is the responsibility of the DNS? Should the DNS be responsible for policing traffic across its infrastructure? Should the blocking and blacklisting of names or throttling of query packets be the responsibility of the DNS? From experience I know my opening paragraph has started passionate debates in more than one section of this globe. We at CommunityDNS have found ourselves right in the middle of such heated debates. "Oh YES you will!", "Oh NO you will not!" more
The DNS root servers were reported by Verisign to be under unexpected attack from name servers across the Internet following ICANN's recent changes to their cryptographic master keys. more
For many people the comments made by Michael Hayden, Former Director of the Central Intelligence Agency, at this week's Black Hat Technical Security Conference in Abu Dhabi may have been unsettling as he commented upon the state of Chinese cyber espionage. I appreciate the candor of his observations and the distinction he made between state-level motivations. In particular, his comment... more
On December 14, 2022, the European Parliament adopted the Directive on measures for a high common level of cybersecurity across the Union (Directive (EU) 2022/2555) hereinafter referred to as "NIS2"), which was published in the official journal on December 27, 2022. Being a directive, NIS2 requires transposition into national law. According to Art. 41 of NIS2, the transposition into national law must take place by October 17, 2024 and the measures must be applied as of October 18, 2024. more
Since the inception of ITU precursors in 1850, its various bodies have treated the subject of telecommunication network security as both an obligation of signatories to the treaty instruments as well as an ongoing collaborative activity. However, what it actually did in those activities was constrained by its jurisdiction and participant competency -- which encompassed international public telecommunication services provided primarily by designated government agency service providers known as PTTs. more
Ripped from the headlines: A recent DDoS attack lasted an entire 60 days. In other news, a single site was attacked 218 times in Q2 alone. To those of us in the business of protecting Web infrastructure, these stories are hardly surprising. What's notable, though, is where they were reported, in The Financial, whose focus is banking and financial services, not technology. The reporters used the term "DDoS" as if it were as common as "hedge fund," something everyday business people, not just techies, grasp. It's this human element that caught my interest and got me thinking a little. more
I was browsing CircleID the other day and came across Bruce Schneier's article on cyberwar. Schneier's article, and the crux of his point, is that the term cyber war and the threat of cyber warfare has been greatly exaggerated. The real problem in cyberspace is not the threat of cyber warfare wherein a foreign government, or possibly non-state actor, conducts a cyber attack on another nation. more
In the rather unique world of public international law for cybersecurity, the treaty provisions of the International Telecommunication Union (ITU) stand alone. They form the multilateral basis for the existence of all communication networks, internets, and services worldwide and have obtained the assent by every nation in the world. They also contain the only meaningful multilateral cybersecurity provisions that have endured over a century and a half through all manner of technological change. more
On 30 September 1850 at Dresden, the first international treaty was issued among the first sovereign nations to internet their national electronic communication networks. It was known as the Dresden Convention, and culminated several weeks hammering out basic requirements and techniques to implement an internet spanning the Austro-German European continent at the time, and established a continuing "Union" of signatories to evolve the provisions of the treaty. more
The last few months have shown a number of signs that cooperation in cyberspace is not just necessary, but it is vital for the survival of the Internet as we know it. There is no need to provide links to all the articles and news stories that talk about the dangers of cyberattacks on the infrastructure in the USA or other countries - you can find plenty of them. ... What misses really in these stories is the answer to the question "So, what?" more
A World-Renowned Source for Internet Developments. Serving Since 2002.