ISPs failing to counter IT security attacks effectively, says ENISA

Tuesday 16 April 2013

Internet service providers (ISPs) have been accused of failing to apply well-known security measures which have been available for over a decade.

According to European Union cyber-security agency ENISA, this oversight is "a key factor" behind the failure to counter major cyber-attacks.

In a new flash note entitled 'Can Recent Cyber Attacks Really Threaten Internet Availability?', the agency focuses on the large-scale attack mounted in March against not-for-profit Spamhaus.

This was reportedly the biggest Distributed Denial of Service (DDoS) attack in internet history, causing significant problems at the London Internet Exchange over the course of one week.

ENISA says the technique used for the DDoS attack is "by no means new".

"Yet, even today, many network providers do not use a set of recommendations, known as Best Current Practice 38 (BCP38), which have been around for almost 13 years," it stated.

"A similar set of recommendations for DNS server operators - BCP140, published in 2008 - would have reduced the number of servers that can be misused for DNS amplification attacks."

ENISA said that if these recommendations had been implemented by all operators, traffic filtering would block such attacks.

Find out more about how Microsoft IT security solutions can improve your business' online defences.

Posted by Alex Boardman