Mumbai: The Internet Society (ISOC) and Internet Service Providers Association of India (ISPAI) today signed a Memorandum of Understanding (MoU) to undertake initiatives and activities to promote Mutually Agreed Norms for Routing Security (MANRS), in India. MANRS is a program whose primary objective is to reduce the most common threats to the Internet’s routing system.
The MoU is a step towards taking immediate action to improve the resilience and security of the routing infrastructure in India, and keep the Internet safe for businesses and consumers alike. Rajnesh Singh, Regional Bureau Director – Asia Pacific, ISOC and Rajesh Chharia, President, ISPAI signed the MoU in New Delhi, India on September 3 2018.
The MoU will help tackle the growing number of cyber security incidents in India. According to India’s Computer Emergency Response Team (CERT-in), 44,679, 49,455 and 50,362 cyber security incidents took place in India during the years 2014, 2015 and 2016, respectively. These incidents include phishing, website intrusions and defacements, virus and denial of service attacks amongst others. Routing security is vital to the future and stability of the Internet and MANRS provides simple but concrete steps for network operators that enable dramatically improved Internet security and reliability.
MANRS is a community driven initiative supported by the Internet Society, a global non-profit organization that aims to ensure the Internet continues to grow as a platform for innovation, economic development, and social progress around the world. Whilst the ISPAI serves as the voice of Internet Service Providers (ISPs) in India and is actively involved in the development of Internet infrastructure throughout the country. Both ISOC and ISPAI share a mutual vision of an open and global Internet that enables innovation and social opportunities.
Rajnesh Singh, Regional Bureau Director – Asia Pacific, ISOC said, “As per a survey conducted by ISOC, Cyber security is one of the top concerns for Internet users in the Asia Pacific region and unsecure routing is one of the most common reasons for malicious threats. With the explosive growth of the Internet in India and the region, it is imperative that we work towards building secure routing infrastructure by adopting MANRS. It is encouraging to see a leading organization such as ISPAI supporting MANRS and we look forward to further collaboration.”
Rajesh Chharia, President, ISPAI said, “The number of Internet users in India is skyrocketing and it is expected to double by 2021. However, there are growing concerns over cyber security and data security and the recent malware threats have impacted many globally. The government is taking measures to spread awareness about cybercrime and building capacity for safety measures, and the adoption of MANRS and association with ISOC will help ensure a safer Internet for all.”
As part of the MoU, both ISPAI and ISOC will focus on capacity building to undertake initiatives and activities to promote adoption of MANRS in India, to cooperate and render mutual assistance, and to encourage the attendance of ISPAI members to meetings, seminars, workshops and conferences on routing security. To support this initiative, ISOC conducted a “Network Security” workshop during the inaugural India Network Operators Group meeting (INNOG). The MoU will also see both organizations exchanging research information and training materials related to routing security.
In joining MANRS, participants commit to implement actions to address common challenges related to routing security:
- Filtering: Helps prevent the propagation of incorrect routing information. This technique provides assurance against unintentional configuration errors that can lead to “hijacking” traffic directed to other networks, resulting in widespread outages
- Anti-spoofing: Involves preventing traffic with spoofed source IP addresses, a practice that can help dramatically diminish the prevalence and impact of distributed denial of service (DDoS) attacks
- Coordination: Facilitates timely communication and coordination among peers, which is essential for incident mitigation and better assurance of the technical quality of relationships
- Global validation: Encourages network operators to publish routing data, which limits the scope of routing incidents and makes the global system more resilient.
The first two operational improvements eliminate common routing issues and attacks, while the second two procedural steps provide a bridge to universal adoption and decrease the likelihood of future incidents.