It’s why his Office of the National Cyber Director is taking on challenges like BGP security, he said.
The post Coker: Agencies flooded with cyberattacks, beset with complex problems can’t always innovate appeared first on CyberScoop.
A deluge of cyberattacks on federal agencies, and the complexity of the challenges they face, makes it hard for them to advance new approaches to defending their networks, National Cyber Director Harry Coker Jr. said Wednesday.
Speaking at CyberTalks, hosted by CyberScoop, Coker said that’s why his White House office focuses on strategy and policy to tackle complex problems like secure internet routing, which is both increasingly vulnerable and a fundamental component of basic interactions on the web.
“Unfortunately, most of our departments and agencies are dealing with day-to-day operational attacks,” Coker said. “Or in some cases, these entities have shied away from developing or proposing solutions because of the perceived degree of difficulty.”
Border Gateway Protocol (BGP) is one of the “foundational protocols” that lets over 70,000 independent networks operate together as the internet and allow IP addresses to exchange routing information to reach each other across the globe, he said.
But attackers can reroute — or hijack — internet traffic, exploiting a BGP system that is built on trust, Coker said.
“More recently we have seen sophisticated attacks, BGP hijacks, increase,” he said. “Recent incidents have resulted in the loss of millions of dollars.”
A roadmap produced by Coker’s office last month promoted the adoption of Resource Public Key Infrastructure (RPKI), which can ensure BGP routing information is authentic, but there’s a necessary registration process.
“Although that technology has existed for a dozen years, it was only recently that a bare majority of global internet addresses were appropriately registered in RPKI to allow internet service providers to filter all surrounding advertisements and prevent attacks to hijack,” he said.
Furthermore, federal agencies have been running behind on that process, Coker said. But that’s beginning to change, he added.
“By the end of this year, we expect over 60% of the federal IP space to be covered by registered service agreements, paving the way to establish route origin authorizations for federal networks,” he said.
A group of researchers recently said RPKI has vulnerabilities of its own.
The post Coker: Agencies flooded with cyberattacks, beset with complex problems can’t always innovate appeared first on CyberScoop.
Source: CyberScoop
Source Link: https://cyberscoop.com/harry-coker-agencies-cyberattacks-bgp-security/