The relationship between cybersecurity teams and Internet service providers (ISPs) has always been at best conflicted. On the one hand, ISPs do block a lot of malicious network traffic. The problem is, based on the amount of malware that firewalls still need to block, too much of that malicious traffic is still finding its way to the network edge.
The World Economic Forum Centre for Cybersecurity at the annual World Economic Forum (WEF) held this week in Davos, Switzerland brought together several ISPs to focus more effort on identifying and blocking malicious network traffic before it reaches the end customer. The initiative is being spearheaded by the WEF Platform for Shaping the Future of Cybersecurity and Digital Trust that was established roughly a year ago.Find out how ISPs and @WEFCybersec are focusing more effort on identifying and blocking malicious network traffic before it reaches the end customer #cybersecurityClick To Tweet
Specifically, the ISPs pledge to collaborate on several cybersecurity initiatives, including:
- Protect consumers by default from widespread cyberattacks and act collectively with peers to identify and respond to known threats.
- Take action to raise awareness and understanding of threats and support consumers in protecting themselves and their networks.
- Work more closely with manufacturers and vendors of hardware, software and infrastructure to increase minimum levels of security.
- Take action to shore up the security of routing and signaling to reinforce effective defense against attacks.
ISPs that endorsed these principles include BT, Deutsche Telekom, Du Telecom, Korea Telecom, Proximus, Saudi Telcom, Singtel, Telstra. The International Telecommunications Union, an agency of the United Nations that promotes communications interoperability, along with Europol, the Global Cyber Alliance and Internet Society also pledged their support. Collectively, the ISPs signing on to the initiative serve more than one billion consumers in 180 countries in the process.
Profiting from cybercrime
Obviously, there are some major ISPs, especially from the U.S., missing from the initiative. Many ISPs generate a lot of revenue by providing cybersecurity services on top of the networking services they provide. It’s not clear how ISPs will reconcile their commitment to the principles outlined by WEF and what many of them charge for cybersecurity services. The truth is ISPs are monetizing to varying degrees the malicious traffic moving across their extended networks.'The truth is ISPs are monetizing to varying degrees the malicious traffic moving across their extended networks.' #cybersecurityClick To Tweet
To address that issue, the WEF said in the next phase of this effort it will focus on how governments and the public sector might do more to establish appropriate policy frameworks that would provide the best incentives to ISPs to act securely. Key areas of focus for a second phase will include defining roles and responsibilities for securing online ecosystems while ensuring that lines of accountability are clear; ensuring that actions taken are transparent and uphold principles relating to maintaining an open Internet; and working to define frameworks that incentivize adoption of best practices. WEF is hoping ISPs recognize they can be more profitable if they eliminate malicious traffic from their networks.
In the meantime, the good news is there should be more sharing of cybersecurity intelligence between ISPs. Hopefully, ISPs will also proactively share that intelligence with customers.
The WEF, of course, is inserting itself into this dialogue as part of its mission to foster an emerging global digital economy. Cyberattacks have been deemed by WEF to be the number one threat to the digital economy. The WEF said it is committed to driving broader cooperation across public- and private-sector stakeholders to address the fundamental economics that make cyberattacks profitable. By making the pain of being caught launching these attacks greater, the WEF is trying to increase the risk and penalties associated with getting caught. The trouble is that there are still a lot of countries where enforcement of cybersecurity laws aimed at cybercriminals are lax. Just like in the Prohibition era, the more illicit gains increase, the more tempting it becomes for officials to not see something occurring within their own borders, especially when the victims impacted by those activities reside in other countries.
There’s no doubt the intentions of all involved in the WEF initiative are noble, and the IT industry as a whole needs to start somewhere to protect a rising digital economy. However, the enforcement of those intentions will require a level of cooperation between countries that thus far has proved to be a lot more elusive than it should be.
Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.