Every year, thousands of routing incidents While known security measures can address many of these routing incidents, misaligned incentives limit their use.All stakeholders including policymakers, must take steps to strengthen the security of the global routing system.
The issues those steps address, however, are costly from both insurance and public relations perspectives.
For example, if a company’s traffic is misrouted to someone who harvests access credentials and uses them to hack the company or its customers, hundreds of millions of dollars in damage could be accrued.
For more information on securing the infrastructure of Internet service providers please see: https:// was founded with the ambitious goal of improving the security and reliability of the global Internet routing system, based on collaboration among participants and shared responsibility for Internet infrastructure.
These are undoubtedly essential pillars supporting the Internet’s tremendous growth and success, but we must better articulate the incentives of contributing to global security and resilience to grow MANRS participation and reach our goals.
And the acronym is no accident, the authors are making a point: it is good etiquette, good , to say trustworthy things when speaking to one’s neighbour.
MANRS actions result in trustworthy Internet routing, a reasonable basis for a business.
What’s more, the company misrouting the traffic could be found culpable.
More than simply good route hygiene or cheap insurance, these recommended actions might be all that stands between your network and the financial and public relations nightmare of a security breach. For example, in the United States, the National Institute of Standards and Technology (NIST) and the Department of Homeland Security (DHS) recently reinforced the importance of the MANRS project by publishing a draft US standard , the NIST–DHS standard calls for path validation via Border Gateway Protocol Security (BGPsec), which is a possible future building block for routing security.
Improvements include the establishment of specific data to help operators identify what routing data is valid and what is not, as well as specific operational practices to address known attacks.
To date, the biggest problem with those capabilities is that many operators remain either unaware or unconvinced that their participation is needed if matters are to improve.