European Union: The Security Of Internet Infrastructure Is Challenged By EU Agency

The European Union Agency for Network and Information Security ("ENISA") has issued a report recommending that the principal infrastructure on which the internet is based needs to be reassessed to address increasing security threats.

Following an earlier report published at the end of 2014 which warned that privacy and data protection are being ignored by companies developing new services and products, ENISA published a further report on 15 January highlighting the numerous threats to the underlying infrastructure of the worldwide internet. The report, Threat Landscape and Good Practice Guide for Internet Infrastructure, makes recommendations with the aim of improving internet security and also scrutinises various emerging trends which threaten the long term security of the worldwide internet.

ENISA's report details the numerous assets that comprise the internet's basic infrastructure (namely: hardware, software, information, human resources, protocols, services, interconnections and infrastructure) and seeks to classify the threats that are applicable to each of these components. The threats include routing threats, DNS threats, and Denial of Service. Each threat that has been identified in the report is then linked with a list of the exposed assets.

The report also contains a gap analysis which seeks to summarise the inadequacies of what is currently considered good practice. The recommendation of the report is that owners of internet infrastructure and the regulatory bodies governing electronic communications networks evaluate their current level of security.

In the accompanying press release ENISA's Executive Director, Udo Helmbracht notes: "Threats analysed in the current study indicate they are globally on the rise. It is important to apply good practices and promote the exchange of information, in order to mitigate threats and secure Internet infrastructure. ENISA's Guide gives an up to date overview of emerging threats and lays the foundations for the community towards a more secure Internet infrastructure through proper risk assessment, training and evaluation".

ENISA's report serves as a gentle reminder to make sure all internal protective housekeeping is in order. 

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.