Agenda item No. 4: Mandate the rollout of DNSSEC and BGPSEC
The Internet has become a fundamental pathway for public, private, and government communication, as well as financial transactions. Unfortunately, core infrastructure components in the United States remain woefully lacking in security for both DNS and BGP, making them unacceptably open targets for hackers.
Securing BGP is an absolute necessity. Only recently, there was a relatively significant routing problem that took parts of the Internet offline for several hours. The cause was runaway BGP advertisements from a single BGP peer. BGPSEC might not have helped in that particular instance, as it was caused by human error, but the same problem would have occurred if someone had purposefully injected bad routing advertisements via unsecured BGP peers.
DNS is the cornerstone of IP networking. Without the names, we only have numbers, and while the resources might be available, without the directory converting the names of those resources to IP addresses, we can't see the forest for the trees. Also, by poisoning a DNS server's cache, malcontents can direct users to their own versions of known Web sites and swipe their log-ins or gain access to other sensitive information. Ensuring that DNS servers cannot be compromised at any level is a requirement for a secure Internet.
Implementing DNSSEC and BGPSEC throughout the country is not only the right thing to do, it's not a terribly difficult task to accomplish. In fact, ISPs and hosting providers should have done so already. The hard part would be coordinating the effort. Given a clear time frame and guidelines set forth by the government, carriers could be coerced into stepping up to the plate and implementing this basic and extremely vital safeguarding methodology for the Internet.
Agenda item No. 5: Clean up the spam mess
According to Spamhaus, the United States is far and away the No. 1 source for all spam. In fact, most companies are experiencing spam levels as high as 99 percent of all incoming e-mail -- a ridiculous proportion made that much more unpalatable by the number of phishing attempts hidden within. If these levels persist, they will eventually cause the demise of e-mail as a viable communications medium.
There is only so much that can be done within a single country to fix this problem, but steps need to be taken -- soon. One tactic would be to institute a mandatory $10-per-spam fine for anyone determined to be sending unsolicited bulk e-mail. By aggressively locating and prosecuting these cases, the United States could curtail a sizable chunk of spammers based within its borders. After all, the quickest way to end unsavory practices like this is to make them economically unviable. Meaningful fines pursued diligently are one method of achieving that goal.
Of course, this approach would not stop overseas spammers, and botnet spam operations would continue. But if written properly, the law could ensure grounds for prosecution of any botnet with even a single member existing under US jurisdiction.