The internet, as we know it, was never designed with security as a primary consideration. Protocols like IPv4 and BGP (Border Gateway Protocol) date back to a time when the web was smaller, trusted, and less complex. Today, these protocols leave us exposed to significant vulnerabilities. But if we could rebuild the internet from scratch, what would need to change to ensure security is built into its core?
Critical Gaps in Today’s Internet Security
- Outdated IP Address System (IPv4): IPv4 is the system that assigns addresses to devices on the internet, but it was designed decades ago without modern security in mind. It doesn’t encrypt or authenticate data, meaning attackers can easily manipulate or intercept traffic. Although IPv6 fixes these issues with better security and more address space, most systems still use the older, vulnerable IPv4.
- The Risks of Data Routing (BGP): BGP is how internet traffic finds its way from one place to another, but it’s vulnerable because there’s no verification of who is routing the data. This opens the door to attacks where traffic can be intercepted or redirected, causing data loss or service interruptions. Without proper security checks, anyone can advertise fake routes.
- Insecure Email Protocols: Email systems are still one of the biggest targets for cyberattacks. Phishing and spoofing happen because email wasn’t built with proper verification in place. While tools like SPF, DKIM, and DMARC are improving security, many smaller domains don’t use them, making email a common entry point for attacks.
Designing a More Secure Internet
To design the internet with security at its heart, the following key changes need to be made:
- Mandatory Authentication Protocols: Every device and router would need to authenticate themselves to prevent unauthorised access or manipulation of data. A protocol like Secure BGP (sBGP) would help by ensuring only authenticated routes can be accepted, significantly reducing the risk of BGP hijacking.
- Elimination of Static File Systems: Today’s file systems are based on static filenames, allowing attackers to easily identify, access, and exfiltrate data once they’re inside a network. A more dynamic, encrypted storage system—where filenames are meaningless or random—would make it much harder for attackers to find valuable information. The concept of homomorphic encryption could be applied here, allowing data to be encrypted even while being processed.
- Decentralised Identity and Trusted Servers: Imagine a system where users authenticate through trusted servers maintained by reliable organisations, creating a chain of trust similar to how SSL certificates work for websites. While this would centralise access control, it could prevent many attacks by ensuring that malicious entities can’t easily impersonate legitimate users or servers.
The Practical Realities: What Can Be Done Now?
While a complete redesign of the internet is not possible in today’s interconnected world, organisations can still take steps to secure themselves against these weaknesses:
- Cybersecurity Training: Employees are the first line of defence. Regular training on how to identify phishing attacks and the importance of strong, unique passwords can prevent many common attacks.
- Phishing Simulations: Simulating real-world phishing attacks helps ensure employees can recognise phishing attempts before they click on malicious links.
- Regular Cyber Assessments: Continuous assessment of an organisation’s security posture helps identify vulnerabilities in systems before they can be exploited by attackers. These assessments are critical for identifying outdated protocols like IPv4 in use, as well as misconfigured BGP routes that could open doors for attackers.
- Endpoint Security and Monitoring: Implementing advanced endpoint protection that monitors for unusual behaviour, such as unauthorised access attempts, can drastically reduce the impact of malware and breaches once they occur.
- Patching and Upgrading to IPv6: Where possible, transitioning to IPv6 and ensuring that all software and systems are up to date helps close the security gaps inherent in IPv4.
Further Thoughts from 4walls
At 4walls, we help organisations address these real-world vulnerabilities, offering proactive solutions through our Cyber Security Dashboard. This platform delivers continuous Cyber Assessments and real-time monitoring to help businesses stay ahead of potential security risks.
Through services like Phishing Simulations and ongoing employee training, we empower businesses to strengthen their security posture, reducing the risk of falling victim to today’s most prevalent attacks. Our comprehensive assessments also highlight vulnerabilities in legacy systems and offer practical steps to improve overall network security.
While we can’t redesign the internet from scratch, we can help businesses adapt to the current landscape, closing security gaps and preparing for future threats.