We do not possess the ability to read the future, and yet we can predict with a high level of certainty that we will see more major cybersecurity incidents in 2016 and 2017.
The world’s cybersecurity capability is not able to advance in line with the growing vulnerabilities. We are faced by more and more threats each day, and hackers are becoming more sophisticated. Whether an organization invests $1 million or $100 million in its security infrastructure, it will still remain vulnerable. What’s worse, there appears no end to this disparity.
Emerging security solutions, great as they may be, do not change the overall way of things; the Internet favors the attacker. Amazing entrepreneurs, as well as established companies, are creating solutions that implement better anomaly detection, better network segregation, better user identification and better leakage prevention. However, these are simply stepping stones, without the necessary leap forward that is required for a long-term solution.
At the same time, the cost of securing businesses from cyberattacks is constantly increasing. This is compounded by old technologies not being replaced by new technologies. Instead, new technologies are being added to already crowded security infrastructures. Unless this changes, there may come a day in which it is no longer deemed cost-effective, business-wise, to introduce new services on the Internet.
Incremental security changes will not work. We need disruptive innovation in the world of cybersecurity. A paradigm shift — something that will change dramatically the way things work. We want a solution that will have a significant positive effect, similar to the one created by the invention of the car, smartphone or time travel.
I am going to discuss one such solution now — creating a new, much more secure Internet that will dramatically improve cyber resilience and, at the same time, dramatically reduce expenditures on cybersecurity. Welcome to the world of AGNs (Alternative Global Network). To understand the concept of AGNs, we must go back to 1969.
In the beginning
In 1969, the same year that Neil Armstrong became the first man to step on the moon and the Beatles released their last album, Abby Road, a first packet was transmitted over a small network named the “Advanced Research Projects Agency Network,” also known as the ARPANET.
Trust was not something to be concerned about in this small and controlled network. Trust existed in the ARPANET because there was trust in the real world. The different users knew each other and the few connected devices were all controlled by the creators of the network. Risks such as fraud, hacking, malware, denial of service attacks and others were, to say the least, extremely improbable.
As time went by, the ARPANET expanded and became the technical foundation for the Internet as we know it.
So what do we have today? Billions of users, who don’t know each other and certainly do not trust one another, connecting through all sorts of devices (we have no clue what is connected to the Internet) and using the network in any way they deem fit.
Trust has become a challenge.
When the ARPANET project began, no one expected that it would become such a huge success. In these essential early stages, it was not designed with security in mind, but rather to ensure connectivity. And yet, in a very short time, the ARPANET grew from a small research network to the huge global network that we all use today.
Many of the modern security challenges that we experience should be attributed to the fact that the Internet is not secured-by-design. It should be agreed that given the opportunity, we would definitely redesign it.
And to make things worse, much worse, the way the Internet was implemented prevents us from upgrading it to a more secure version. Let me explain what I mean when I say that the Internet cannot be upgraded.
We see a lot of innovation on the Internet. We see amazing new applications using new types of innovative protocols, like Voice over IP and video tunneling — things that no one imagined when the Internet started.
Nevertheless, none of those innovative applications are improving the core way the Internet works. We have been using the same problematic TCP/IP stack (more or less) over the past few decades, with zero probability that it will be replaced in the years to come.
We have an immediate need for a more efficient, secure, trustworthy and innovation-friendly (upgradeable) Internet.
Why? To upgrade the Internet, we actually would have to upgrade all the routers, switches and other connected network devices. And that is impossible to achieve because the network devices are mostly embedded systems that are bundled with hardware. They do not have standard interfaces and only the manufacturer controls the software, which means there is no way to do it remotely. We would have to access and upgrade each and every device.
Even with IPv6 we have failed. IPv6 is still not widely implemented, even though the IETF published its RFC in 1998 and everybody agreed about its importance. Google’s statistics show that only about 10 percent of the users who access Google services are doing so while using IPv6.
And much like any other place in which innovation has taken a backseat, we see so many problems with networking technologies today: they are hard to manage, inefficient, unreliable, costly, prone to manipulations and the list goes on.
Billions of new devices will be connected to the Internet in the coming years (according to Gartner). At the same time, as we have discussed, cybersecurity threats will dramatically increase. Therefore, we have an immediate need for a more efficient, secure, trustworthy and innovation-friendly (upgradeable) Internet.
AGNs (next-generation Internet)
Though upgrading the current Internet is an unfeasible task, there might be another way.
Wireless connectivity technologies of all kinds (Wi-Fi, satellites, cellular, etc.) have vastly improved in recent years. And soon they will reach a point where commercial companies, by using a small number of network devices, could implement worldwide networks that will allow Internet access from everywhere, by anyone and at any time.
Two great examples of companies that are currently working on bringing wireless Internet connectivity solutions to places around the globe that do not have traditional access are Google and Facebook — Google with activities like Project Loon, in which they are planning to use high-altitude balloons, and Facebook with activities like Internet.org that propose the use of solar-powered drones.
Though daring, a worldwide wireless Internet is inevitable. It simply makes more sense than spending trillions on upgrading super-costly physical infrastructures.
And herein lies the opportunity.
A “worldwide wireless Internet access solution” will allow us to implement a new way of networking, instead of using the traditional TCP/IP Stack based network. This network will not necessarily be IP-based, but rather be built upon a new connectivity model — more secure, simpler to manage and more efficient.
Let’s call this non-TCP/IP global network AGN: Alternative Global Network.
Cybersecurity and AGN
AGNs will introduce numerous opportunities (as well as numerous challenges) — far too many to discuss here. Hence, I will write about three disruptive benefits that represent a paradigm shift in the world of cybersecurity that will be created by AGNs.
One: No need for new security tools
In the world of cybersecurity as we know it today, every new problem (or family of problems) leads to the creation of a new family of products. New attack vector = new security tools. This is why, while trying to keep up with emerging threats, we continue to buy new security products.
The cost of securing businesses from cyberattacks is constantly increasing.
As previously mentioned, those new emerging solutions represent incremental improvements in cybersecurity. They retain the status quo, rarely addressing the underlying problem, and do not create the changes necessary to overcome the threat of hackers. AGNs will radically change our current approach toward cybersecurity, rebalancing the power divide between the Internet as a force of good and those seeking to undermine it.
The AGN architecture design should allow the AGN provider to upgrade the network operating system and protocol stack both quickly and simply. Obviously, this creates new innovative opportunities, and will also have a tremendous effect on cybersecurity. Here are some examples:
- A malicious entity seeks to exploit the way an AGN protocol works in order to facilitate a denial of service attack (much like what we see today). In that case, the moment the first attack has occurred and been analyzed, the AGN provider can update the entire network in a matter of seconds, to prevent the same attack scenario from recurring. This removes the need for every organization to buy a new cycle of products, saving billions on cybersecurity expenses worldwide.
- Someone finds a bug in a tunneling protocol that enables them to gain access to what was otherwise restricted data. Again, a simple update (network security patch) and it is fixed.
- A new secure GPS-aware packet transportation protocol is needed to support autonomous cars and drones. No problem, come back tomorrow and it will be ready.
The ability to mitigate security risks and create new network services breaks the paradigm of new security risks = procurement of a new set of security tools. Through this, one of the biggest challenges facing cybersecurity today can be solved.
Two: Network virtualization
AGN benefits can include, among many others, all of the benefits that software-defined networking (SDN) aim to introduce, but on a global scale. Benefits such as cost reduction, software-defined packet forwarding, central management and many others. If you are not familiar with SDNs, I urge you to learn more about the concept.
One of the most important benefits of SDN, which will also become one of the most important benefits of an AGN, is what is known as simplified virtual management. Though virtual management is already implemented in some organizations (through SDNs), in a global network its benefits are leveraged and ultimately augmented.
Virtualization in networking will have a similar effect to the one virtualization has in computing, i.e. completely revolutionizing the paradigm of the existing coupling between hardware and software.
Virtualization means the ability to simulate a hardware platform, such as network devices, in software. All of the device’s functionality is simulated by the software, with the ability to operate like a hardware-device solution would.
The virtualization of networking will also simplify implementing security tools.
With network virtualization, any network architecture can be defined for any given set of devices, while completely ignoring the physical aspects of how those devices actually connect to the network. For example, your “home” network could contain your computer, laptop, mobile phone, car and all of your family member’s devices, with no regard to where they are in the world and without the need to implement any type of VPN solution.
Because the allocation of a device to a network is determined by soft switches (application-based switches), you can sit at the other side of the world and still be connected seamlessly to your home network. This is possible because the network architecture is defined by software rather than physical hardware (as opposed to today, where connections to your home network are only possible if you are connected to your home router).
You might be able to define any type of network architecture just by drawing and setting it up on a graphical dashboard. Alternatively, you might be able to combine any type of security solution in your network by using simple drag-and-drop gestures. Those tools can include firewalls, IDSs, IPSs, network recording, Anti-DDoS, etc., all of which are virtual appliances.
The virtualization of networking will also simplify implementing security tools. If a CISO suspects that someone is already inside his network, and thus he wants to implement a new network inspection solution for a short time, he will just have to add it to the dashboard and, with a click of a button, make all the traffic in the network flow through the new device. No need to define complex routing settings. No need to change vLan ACLs nor firewalls’ rules. Those of us who have faced these problems with traditional networks will really appreciate the change.
But for this to fully work, we also will have to change the way we think about networks. No more LANs and WANs. Anyone who wants to benefit from the network virtualization features will have to live by the principle of “every device is connected directly to the AGN” and the AGN will define logical separation to networks.
Three: Identified by default
The source of many problems we experience with the Internet today can be attributed to the fact that we are trying to supply services that require user identification on a network in which users are anonymous by default.
The same network is being used for e-banking services and drug purchasing, viewing medical results and child pornography, social networking and promoting terrorism.
No one will use AGNs unless access to the servers and services on the “Internet 1.0” will be enabled and seamless.
The AGN provider will be able to implement an identified-by-default network. In this solution, the AGN will authenticate users whenever they are starting to use the network and be able to supply this identity as a service to any application that requires it. In that case, a user might even be able to access his bank without the need to type in a username or password.
The federated identity approach is already being serviced by companies such as Facebook and Google. Federated identity means that the user’s single identity is being used by different identity management systems.
But not only will users be identified, the hardware devices, or rather the network interfaces, can also be controlled to improve security and trust in the network.
How can that be achieved?
To connect to an AGN, one must buy a new type of Network Interface Controller (NIC) that supports the AGN protocols stack (obviously, current TCP/IP NICs will not work with AGNs). A wise designing of such an NIC will create a remotely programmable/upgradeable firmware (to support the AGN provider’s ability to upgrade the AGN quickly and remotely). The NIC will also hold a unique private key (NICPK). This key will facilitate tunneling between devices, as well as functioning as a type of license to use the AGN.
Based on those NICPKs, stored in all the NICs connected to the AGN, the AGN provider will have the ability to create some kind of Network Access Prevention (NAP) solution that will prevent any unidentified and authorized NIC from communicating within the AGN. Also, device to network allocations will be determined based on the devices’ NICPK. For example, a CIO might define a whitelist of NICPKs that are allowed to access internal resources.
And probably the most important feature of using NICPKs is increasing users’ accountability. In the Internet, as we know it today, it is very hard to exercise accountability. Hackers and other malicious entities are getting away with almost anything. The AGN provider will change this, and monitor activities across the entire network. The provider can identify any activity that is not aligned with the network code of conduct and exercise the appropriate sanctions on the user and the device.
For example, if a user created a phishing attack, he will be banned from the AGN network (his account will be disabled and his NICPK will be removed from the whitelist of allowed devices). If a user used torrents to download movies illegally, he will be banned from accessing the AGN for a week. If somebody instigated a DDoS attack using many zombie computers (infected computers that are being remotely controlled by a hacker without the users’ knowledge and consent), the AGN provider will prevent those computers from accessing the network until the virus is removed.
Another feature of an identified-by-default network is the ability of the AGN provider to control which protocols and which websites are allowed. This gives the AGN provider the freedom to decide whether torrents will be allowed, and whether people are allowed to use TOR-like services. One might think that by creating protocol encapsulation, users can override the AGN provider restrictions, and eventually create things like an AGN-based darknet.
But this is not as easy as it might sound, for two major reasons: (A) centralized network management allows relatively easy deep protocol inspection, and (B) the moment the AGN provider learns about this new service, he will be able to completely eliminate it in a very short space of time, thus not allowing any unauthorized services enough time to grow.
Moving to an identified-by-design network with a centralized control and high level of accountability is a paradigm shift from the uncontrolled and decentralized Internet that we have today.
What will happen to the “old” Internet?
We can expect AGN providers to create native services that can only be accessed by the AGN users, and AGNs might eventually even completely replace the old TCP/IP-based Internet. Nevertheless, in the meantime, it is obvious that no one will use AGNs unless access to the servers and services on the “Internet 1.0” will be enabled and seamless.
For that to happen, the AGN provider will have to implement a secure gateway. This gateway will be in charge of protocol translation (by stripping and reconstructing or encapsulation) and safe pass. Creating an AGN <-> TCP/IP (or Internet 2.0 to Internet 1.0) gateway, while retaining a high level of security in the AGN, is one of the biggest challenges. AGN providers will have to endure to create an alternative Internet.
It is becoming harder and harder to secure digital assets. We need disruptive solutions that will create a shift in the balance of things — providing a vital lead over malicious factors. Not only can AGNs do that, but they can also completely alter our approach toward cybersecurity.
Some might be concerned about the loss of privacy in an AGN world — and they would be right to be worried. An AGN provider will have infinite power over its user. But the fact that he can, doesn’t necessarily mean that he will.
Many times privacy and security are opposite forces, and balancing between them is more an art than science. Sadly, the same goes for privacy and monetization. Nevertheless, if designed right, AGNs can have a real, positive impact on the world of technology, while making the users feel comfortable and secure.
Implementation, however, will require a very responsible and privacy-aware AGN provider — one that will not misuse their power. Finding a balance between security and privacy, between centralized control and open network, between monetization and fair use, are all challenges that we will have to face on the way to creating a secure AGN.
To be able to create a world in which AGNs are possible, we need to overcome several challenges and initiate several activities:
- Conducting research to create an effective, secure and upgradable network connectivity model (TCP/IP alternatives). This is a great opportunity for the industry to collaborate with academia.
- Designing an upgradable AGN NIC with a NICPK.
- Designing a secure gateway that will allow a safe pass between the AGN new connectivity model and the current Internet.
- Building an affordable way to create global wireless (or hybrid) networking solutions. Though wireless technologies are slower than wired technologies, the higher networking efficiency that we can achieve with a new connectivity model might, to some extent, bridge this gap.
- Devising the approach and code of conduct for such an Internet.