|Issue:||Latin America 2007|
|Topic:||The changing Internet|
|Title:||Chief Security Officer and Vice President for Networking and Information Security|
As VeriSignís Chief Security Officer and Vice President for Networking and Information Security, Ken Silva oversees the mission critical infrastructure for all network security and production IT services for VeriSignís security, registry and telecommunications services. Mr Silva joined VeriSign with more than 20 yearsí experience in the telecommunications and security industry. He came from the National Security Agency, where he served most recently as executive technical director. Mr Silva has served in various other leadership positions, taught courses at the national cryptologic school, and served ten years in the United States Air Force. Mr Silva serves on the board of directors for the Information Technology, Information Sharing and Analysis Center, IT-ISAC, and is the Chairman of the board of the Internet Security Alliance. He also advises and participates in a number of national and international committees for organizations, including the National Infrastructure Protection Center, NIPC, White House ISP Security Panel, the ICANN DNS Security Panel, the Network Reliability and Interoperability Council, NRIC, and the National Security Telecommunications Advisory Committee, NSTAC.
Internet usage has grown at an amazing pace. YouTube consumes as much bandwidth today as the entire Internet in the year 2000. Bandwidth typically available at home is growing apace. In 2004 the typical residence needed less than three Mbps of bandwidth, but this should grow to 57 Mbps by 2009. As a result of the increased usage, security attacks have grown 2,000 per cent since 2000 and should increase by 50 per cent in each of the next two years.
We live in an exciting world – one that is changing dramatically every day. YouTube, Second Life, MySpace, iPhone – you probably hadnít even heard of these a year ago. Today, they dominate the discussion about societal trends and the future of communications and the Internet. Once upon a time, e-commerce drove the Internet debate but now itís clear we have entered a new era and you can feel the Internet changing daily. Today, consumers have ushered in the ëAny Eraí, demanding access to any information, from any device, any time and anywhere they want it, but they do not only want access. Consumers want the ability to contribute, personalise and socialise. Consumer generated websites such as Facebook, Wikipedia and Flickr have elbowed out many traditional companies to rank among the top 20 websites in the country. These increasingly popular social-networking sites are accounting for such huge volumes of domain name system, DNS, queries and bandwidth consumption that carriers and corporations are scrambling to keep pace. We have been living this transformation for more than 12 years – from the early days of basic Internet access and websites to the adolescent years of e-commerce and e-business to the high school years of Web 2.0, ubiquitous instant messaging, voice over IP, smart phones, RFID and broadband video delivery. Itís thrilling to consider the myriad possibilities for the Internet that we have not yet even thought of, but that same exciting unknown also holds equally dangerous pitfalls. Until recently, the Internet has grown largely based on services designed for the IP network, and that organic growth was visible and measurable. Now, with the migration to the Internet Protocol of existing infrastructures, services not originally designed for the Net – such as telephony and TV – we are seeing explosive, bursty growth. This increased volume is reflected in the number of queries made of the .com and .net DNS infrastructure every day. In 2000, the .com and .net systems received one billion daily requests for information; today they receive 30 billion requests and rising. The following data further demonstrates this emerging use and growth of the Internet: ï YouTube consumed as much bandwidth as the entire Internet in year 2000; ï Internet-based TV subscribers should reach 100 million by late 2010, up from three million in 2006; ï there are 15,534,550 SMS transactions every five minutes; ï total VoIP subscribers worldwide are projected to grow to over 55 million in 2009 from 16 million in 2005; ï the wireless industry is adding 40 million new connections a month, including six million in India and five million in China; ï and, wireless gaming revenues will double from 2006 to 2008, to US$1.6 billion. These developments reflect what is likely to be the continued meteoric growth of the Internet-user population. Morgan Stanley estimated in November 2006 that there will be more than 1.34 billion Internet users worldwide in 2007. Threats to the Internet At the same time, the growth of Internet users, broadband capacity and number of Internet-enabled devices has created an opportunity for hackers, organised criminals and even more serious terrorists to attack our networks through SPAM, spyware, identity theft, viral attacks, and denial of service exploits. Some do so for technical notoriety, some for political objectives but, today, most of the attacks on the Internet are done for financial gain. Specifically, the very devices and increased bandwidth that make the Internet more robust and consumer-friendly are now deployed to compromise the Internet. Computers are always on, so they are easily accessible for hijacking by hackers and other criminals. The increased bandwidth and computing power available literally gives hackers more ammunition to use against the infrastructure. While a Jupiter Research report in 2004 found that the typical home needed less than three Mbps of bandwidth, that level has steadily grown and given the demands of gaming and video that capacity should grow to 57 Mbps by 2009. That means that hackers will have 19 times the computing capacity available to them in the PCs they hijack in that period. Indeed, security attacks have grown by 700 per cent since 2000 and, in fact, we expect to see cyber attacks rise 50 per cent in each of the next two years. A series of attacks on the Internet infrastructure in early 2007 reflect how these incidents have grown in frequency and sophistication – some 100 times more threatening than attacks conducted just a few years before. Given the increased usage and mounting threats, the Internet infrastructure must be continually fortified. As a major DNS system service provider, we have the responsibility of ensuring that at any given moment in time, any and all Internet users can reach the .com and .net domain names worldwide. Just six years ago, we managed one million DNS queries a day. Today, we do that same volume in minutes. That number of DNS queries will continue to grow, and likely skyrocket. By 2010, we project that we will handle 270 billion queries a day. Thatís more than three million DNS queries every second of every day. There is no credit card, phone or any other system in the world that handles that volume of transactions. Scaling the infrastructure To manage that load, calls for increasing the size of the DNS infrastructure 10 times by 2010, pushing capacity from 400 billion DNS queries per day to 4 trillion, and pushing speeds from 20Gbps to 200Gbps. This effort, named Project Titan, not only includes installing more equipment but increasing and refining the systems, operations and processes worldwide to manage growing Internet traffic. SCALING THE INTERNET INFRASTRUCTURE As part of this initiative, weíre in the process of spreading the DNS infrastructure globally, in locations such as India, Germany, Chile and South Africa, to fortify that infrastructure and get closer to the end user. We have also recently deployed new resolution sites in Brazil, Kenya and Argentina, and are in the process of deploying 70 new ëconstellation sitesí around the globe to manage traffic. By continuously expanding the constellation of geographically dispersed Internet resolution sites in regions of emerging growth, the distributed infrastructure ensures that the .com and .net systems will have greater redundancy and reduced latency, which will improve the experience for users by reducing bottlenecks and increasing speed. At the same time, state-of-the-art engineering enhancements to the system will also create increased capability to track, correlate and pinpoint security and network-related events on a global basis, providing even greater security and stability against attacks. The always-on Internet The Internet is often taken for granted because it works so well, but we are now entering an unprecedented new era of the Internet and we canít take for granted that it will remain always on, let alone secure, with no effort on our part. Internet users must stay vigilant about cyber attacks. Infrastructure operators must prepare for their worst-case scenarios – and then prepare for even worse. Governments must work more closely with industry to ensure that the systems that protect our national security and economic prosperity are truly up to the task.