Internet2: Network Routing Security and RPKI Adoption in Research and Education
A Q&A with James Deaton
Where are we today with routing security, particularly for our research and higher education networks? How can we connect with resources that will not only inform but also help us proactively keep our networks safe from threats like route hijacking or route leaks that can result in costly outages and data loss?
James Deaton, vice president of network services at Internet2, leads the strategic direction and operations of Internet2's world-class network infrastructure in support of the U.S. research and education (R&E) community. Here, we ask Deaton about Internet2's initiatives and leadership efforts to promote routing security and RPKI adoption.
Mary Grush: Why should network routing security be included in the overall cybersecurity priorities for research and education networks?
James Deaton: This is an important question, given all the attention we have today on cybersecurity concerns. R&E networks play a critical role in the mission of higher education institutions, supporting teaching and learning as well as research and public service. Network routing security incidents can directly affect the reliability and resilience of those networks, impacting everything from academic programs and administrative functions to sensitive research collaborations. So, while data privacy and application security often take center stage, network routing security is also an essential part of cybersecurity.
While data privacy and application security often take center stage, network routing security is also an essential part of cybersecurity.
Grush: What's at stake if network routing security is compromised? How would a CIO or CISO see this?
Deaton: Prioritizing routing security as we do with Internet2 and within our R&E community helps protect against threats like route hijacking and leaks. These incidents can lead to outages and data loss, potentially bringing essential services to a full stop.
From the CIO's or the CISO's perspective, a network routing issue can mean extended downtime on the campus network and lost or compromised data. Academic programs can be disrupted, because of not having access to cloud-based services. Significant service interruptions may result in serious financial loss for the institution.
A network routing issue can mean extended downtime on the campus network and lost or compromised data.
These things can even damage an institution's reputation, which could ultimately hurt its ability to attract students and faculty, or researchers and funding if these types of incidents occur over time.
Let's take a recent example of what's at stake when Internet routing security is compromised. We saw, just this past July, a real-world incident where a commercial network outside of the U.S. hijacked IP addresses from a U.S.-based research and education network — and that disrupted key infrastructure and shut down some of the critical services within that R&E network, including the state's public-facing websites.
An incident like that illustrates how routing security breaches can have far-reaching impacts; from preventing student access to online resources, to disrupting ongoing research collaborations, to upending normal business processes.
Grush: What's the key thing that leaders of potentially affected R&E networks should focus on, to protect their organizations from all this?
Deaton: Routing security issues are pressing concerns, very obviously, for members of the R&E community. But they are not unique to the R&E community or to individual institutions.