In a post-9/11 world, the security of internet protocols remains critically overlooked. A 328-page U.S. report unveils the alarming threats from rogue nations, with incidents like China Telecom’s misrouted traffic and Google’s breach by Chinese hackers spotlighting the vulnerabilities. It’s high time for a fundamental overhaul, starting with the widespread adoption of HTTPS and a reevaluation of DNS and routing protocols. This piece explores the urgent need for preemptive security measures to protect not just digital infrastructure but our global security at large.
The world has changed since 9/11 but why should the internet remain the same? Apparently I’m not talking about the development of internet technologies that have grown in leaps albeit the buzz word Web 2.0 is on its way out. I am taking about the basic internet protocols.
A 328-page report was recently released in the US about threats posed by rogue nations to security of the internet. The report said last year China Telecom broadcasted a bad BGP (Border Gateway Protocol) and routed a large portion of internet traffics through its opaque network for about 18 minutes (US military and government traffic were affected). Coming to mind was also the recent infiltration of Google by Chinese hackers.
After 9/11, the concept of preemptive security took a firm root in everyone’s mind. Also, there is now a greater sense of security awareness on personal computers but what have been left behind are the base internet protocols. Starting with basic HTTP, I think there should be a firm deadline for the deprecation of this protocol. Before now, the grouse with HTTPS has been with its bandwidth utilization because it uses more than plain vanilla HTTP but that is no longer tenable as broadband is now the norm. Google made a move in the right direction by making Gmail HTTPS a default but it can do better by making all its services HTTPS only.
DNS and other routing protocols should be addressed, a terrorist can do more damage (even physically the speculation of what the Stuxnet could do is extremely ominous!) by waging cyber-attacks than by blowing himself up.
Like this:
Like Loading...
Related
Author: Adedeji Olowe
Adédèjì is the founder of Lendsqr, the loan infrastructure fintech powering lenders at scale. Before this, he led Trium Limited, the corporate VC of the Coronation Group, which invested in Woven Finance, Sparkle Bank, Clane, and L1ght, amongst others.
He has almost two decades of banking experience, including stints as the Divisional Head of Electronic Banking at Fidelity Bank Plc. He drove the turnaround of the bank’s digital business. He was previously responsible for United Bank for Africa Group’s payment card business across 19 countries.
Alongside other industry veterans, he founded Open Banking Nigeria, the nonprofit driving the development and adoption of a common API standard for the Nigerian financial industry.
Beyond open APIs, Adédèjì works deeply within the fintech ecosystem; he’s the board chairman at Paystack.
Adédèjì is a renowned fintech pundit and has been blogging on technology and payments at dejiolowe.com since 2001.
View all posts by Adedeji Olowe