YOU ARE AT:OpinionReality Check: DDoS attacks turning net neutrality into a principle of bias

Reality Check: DDoS attacks turning net neutrality into a principle of bias

Telecom operators are in a prime position to use their network insights and net neutrality legislation to counter DDoS attacks and target new business opportunities.

Net neutrality is at the core of the internet’s guiding principles. The idea that internet service providers should direct all content and traffic from one destination to another, without passing judgement about the content, is widely recognized as the best means to preserve free speech online.

Many ISPs argue it is beyond their capability to accurately discriminate distributed denial of service traffic from legitimate traffic and thereby would put them at risk of inadvertently discarding good flows.

In general, internet bandwidth is comprised of a wide variety of traffic flows. While the majority of traffic is legitimate, significant portions are sometimes unnecessary and increasingly damaging streams of traffic. What happens when the content in question is dangerous, such as the malicious traffic involved in a DDoS attack? As cyberattacks become increasingly sophisticated, many organizations are looking further upstream to their ISP to protect them against DDoS threats. Net neutrality is intended to prevent an ISP from favoring a specific application or other types of legitimate traffic in order to preserve a fair marketplace for consumers. It would be hard to argue that this extends to protecting the market opportunity for bad actors intent on causing outages or worse.

In order for the internet to thrive and ISP’s to continue protecting their own infrastructure, and that of their downstream customers, internet security and neutrality must coexist. DDoS is sometimes used as a protest against an organization or ideological stance that appears online. Hackers are taking advantage of universal access to unleash massive botnet attacks launched by unsuspecting businesses’ interconnected devices, which have been hijacked by the cybercriminals – and ISPs are able to stand on the sidelines and watch their customers’ bandwidth be used against them by the cybercriminals. DDoS attacks leave the critical infrastructure of an ISP at risk for massive outages that impact all traffic flow, not just select streams. Net neutrality is generally a policy geared towards fairness – but to put all flows at risk by treating the bad traffic “fairly” seems to be a step beyond what was intended.

On the flip side, one would expect carriers could capitalize on the opportunity to remove DDoS from the traffic flows. Carriers can incorporate DDoS mitigation into their portfolio of service offerings, enabling them to offer differentiated value-added security services. If a customer would like to have extra protection and services dedicated to keeping their pipes clean and defended from DDoS attackers, they will be able to incorporate that into their contract and pay a premium for that service. A provider that can be flexible and responsive to the needs of each unique customer case will be better positioned to cement their position in the market with a view to expansion. It is clearly a revenue-generating opportunity, with the added bonus of improving customers’ experience and customer relations.

In a survey conducted by Corero Network Security, the majority of IT security professionals (53%) believe ISPs are hiding behind net neutrality laws as a way to dodge their responsibilities when it comes to protecting their customers from DDoS attacks. Defending against these types of attacks is an important area of focus for service providers, given their bandwidth capacity and volume of customers – and the fact that they are uniquely positioned to eliminate bad traffic upstream from appropriate peering points, before it even reaches their customers’ networks.

Today, in-line, real-time DDoS mitigation solutions have become technologically viable. Providers can now deploy their DDoS mitigation operations at peering or transit points, using technology that is scalable and responsive. These systems are automated, always on and capable of responding to attacks as they happen – thus reducing headaches for providers everywhere. What’s more it’s possible to design policies uniquely for customers and ensure that they get only good traffic flowing through their pipes. So, rather than hiding behind net neutrality, telcos have a valuable opportunity to modernize their services and generate new revenue streams in the process – or risk a steady decline of their customer base.

These technological developments, combined with the ability for customers to compare services and prices online, presents both an opportunity and a risk for ISPs and telcos. Losing customers is far easier than gaining them – especially when the industry is placing a premium on keeping data secure and their networks free from malicious cyberthreats. Providers have a clear opportunity to revolutionize their services and generate new channels for revenue – or risk a steady decline in customer satisfaction and ultimately revenue.

Dave Larson is COO and CTO at Corero Network Security. His email is Dave.Larson@corero.com.

Editor’s Note: The RCR Wireless News Reality Check section is where C-level executives and advisory firms from across the mobile industry share unique insights and experiences.

ABOUT AUTHOR

Reality Check
Reality Checkhttps://www.rcrwireless.com
Subject to editorial review and copy edit, RCR Wireless News accepts bylined thought leadership articles, up to 1000 words, from industry executives. Submitted articles become property of RCR Wireless News. Submit articles to engageRCR@rcrwireless.com with "Reality Check" in subject line.