This year has been a time of many changes. Now, more people are connected to the Internet through their home routers for teleworking, shopping, or leisure. This is where the security of Internet operators becomes more important.
The question is whether the ISP's security is good enough to be the only one needed by our companies and teleworkers.
Today we are going to talk about security when connecting from our homes to the Internet, and why ISP security measures are not enough for teleworkers.
In case you don't know, ISP stands for Internet Service Provider. It is basically a company that provides Internet connection services to its clients.
The Covid-19 pandemic has changed the way we work and also the way we live. Right now many people are working remotely from their homes, either because of the Coronavirus or because they used to work from there. Without a doubt, these workers depend on their Internet operator to do their job. Thanks to the Internet service they receive, they can keep in touch with their customers, suppliers and colleagues during their working day. In addition, they use the network for personal matters such as shopping and private relationships with family and friends.
Is the ISP' security adequate?
One aspect to consider is that Internet operators or ISPs are not known for their security protections. However, many of them claim that they are increasing their defenses against attacks carried out by cyber-criminals, either by having a specific cybersecurity division, or by directly contracting hardware and support from leading companies in the world of cybersecurity. One of the questions is whether small and medium-sized businesses can be confident that with these measures they will have sufficient protection, i.e. is the protection that ISPs have sufficient to prevent attacks from affecting us?
According to Vince Crisler, executive director of Dark Cubed and former director of information security at the White House, the answer is no. The reason he argues is that security for small businesses and residential users is primarily about minimalist capabilities driven by marketing purposes rather than security.
Reasons why ISP security protections are not sufficient
Now let's look at the reasons why the security capabilities of ISPs tend to be minimal or incomplete. In that sense, Crisler comments that this is because the ISP is mainly focused on providing a reliable and stable bandwidth for their customers. He also comments that they value these two things above all else. Therefore, if they needed to make a decision between security and uptime their decision would focus on uptime.
Another issue to take into account is that the domestic hardware offered by ISPs is often obsolete and not well protected, as it has many security vulnerabilities or uses old versions of their internal software. It should be noted that many clients rent or use network hardware from their ISP. These devices, such as routers, often lack basic security controls. The problem is that these devices rarely receive firmware updates, and sometimes even leave services such as Telnet or web management open and exposed.
However, ISPs defend themselves by saying that security problems do not depend solely on them. This is also true, due to the high expectations their clients have, but this does not mean that they should not improve.
How ISP security can be improved
Shrihari Pandit, president and CEO of Stealth Communications, thinks the best way to solve this is by making changes to the OSI communication layers.
In the Layer 1 / Physical layer, one problem is that traffic is not encrypted between the ISP and the client in most cases. This is particularly serious with providers who provide services over wireless or PON fiber technologies. These technologies transmit traffic to all subscribers and allow attackers to physically access the network. The GPON standard, makes use of AES encryption as indicated by the standard.
On the other hand, the Layer 2 / Data Link Layer (Ethernet), which represents a communication route between the ISP and the client, usually also has no encrypted traffic and is prone to espionage. One way to improve security in this area is by implementing technologies such as MACsec.
At Layer 3 / Transport Layer (Internet Protocol) users and organizations can implement IPsec to provide end-to-end encryption between two endpoints on the Internet.
This makes it difficult for cybercriminals to access the Internet so they can decode the traffic from the Internet provider. That is, making use of VPN protocols to add an additional security layer.
Vince Crisler says that ISP customers want to use their Internet connections for any purpose, without being monitored by their provider. However, to provide security ISPs should go beyond our privacy. The issue of ISP security is complex, and right now to maintain privacy free VPNs are becoming one of the best alternatives we have.Technology vector created by freepik - www.freepik.com
Licenciada en Bellas Artes y programadora por pasión. Cuando tengo un rato retoco fotos, edito vídeos y diseño cosas. El resto del tiempo escribo en MA-NO WEB DESIGN AND DEVELOPMENT.
These days, biometric authentication seems to be part of every little gadget or device we use. You’ve no doubt used it when logging onto your laptop, your tablet, or your…
Privacy on the web is a very important factor for users and there are more and more tools to help us maintain it. Without a doubt VPN services have had…
Every day our smartphones suffer attacks, viruses, malware and information theft. In this article you will be able to deduce if you need a VPN in your mobile phone to…
We have not learned and we still use passwords that are extremely easy to hack and vulnerable to cyber attacks. If you don't want your credentials to end up in…
It can seem that not a day goes by when we don’t hear of some new hacking case or people who have had their sensitive date compromised via the internet.…
Despite all the security flaws, data leaks or privacy risks, the vast majority of people still use things like "123456" for their password. Darlings, it's time to take security a little…
As we know, there are many moving parts to building a Security Operations Centre (SOC). From a technological point of view, it is very important to count on open source…
The Ubuntu repositories contain several useful tools for maintaining a secure network and network administration.This security tools include network scanning,attack detection,Virus Detection etc. 1) Wireshark -- network traffic analyzer Wireshark is a…
Identity theft has always been a concern, but with more and more details of our private lives openly accessible on the Internet, it's easier than ever for cybercriminals to steal…