Cyber Security, the FCC, and the Big Four ISPs: Good News for Web Posters

(Ping! Zine Web Hosting Magazine) – Throughout the history of the FCC, there has been a lot of discussion on how much good they do the community in terms of protection versus censorship. They have established a relationship as being a fairly stringent organization guided by those who prefer censorship over building creative relationships. Even a blind squirrel finds an acorn every once and a while, and so does the FCC. In this case the FCCs acorn is legislation that is actually beneficial to cyber security.

The Federal Communications Corporation held an advisory committee on cyber security and came up with three main areas that need increased scrutiny and improvement on behalf of four of the largest internet service providers (ISPs). These ISPs include AT&T, Time Warner, Verizon Communications, and Comcast Cable. The three security risks that the advisory committee wanted to stress are threats from botnets, domain name fraud, and Internet route jacking.

These were all found to be significant enough to warrant research from the FCCs CSRIC which stands for “Communications, Security, Reliability, and Interoperability Council.” This council is comprised of 8 wireless and wired ISPs who represent approximately 80% of the broadband users within the United States. The Chairman was quoted as saying “If you own a PC, you’ll be significantly better protected against your computer [being] taken over by a bad actor, who could destroy your private files or steal your personal information. If you shop or bank online, you’ll be significantly better protected against being directed to an illegitimate website and having your credit card number stolen.”

The basic idea of the advice from the FCC is to push the big ISPs to research and implement new measures for protection against the three biggest security threats that the committee found. In regards to the botnet threat the FCC created a botnet code of conduct which will put measures in place to educate customers on the threat, warn customers about any botnets found, and also assist those customers who happen to find themselves with a computer infected by a botnet.

The second threat, domain name fraud, is being targeted vigorously as well. Each ISP that has agreed to the FCCs recommendations will abide by recommendations for each threat. This includes the implementation of DNSSECC. This is a set of secure protocol extensions that are designed specifically to prevent DNS spoofing.

Third, the committee suggested that each ISP create an Internet-protocol-route high jacking framework. This is a secure way that is aimed at attempting to reduce the number of times that internet traffic is misdirected. The latter two recommendations are extremely useful for companies that constantly intake and process secure information. They could be used in banks, vendors, and e-commerce sites that are highly attractive to those wishing to steal data.

Although supported by some of the biggest ISPs including AT&T, Time Warner, Verizon Wireless, and Comcast Cable, it is clear that they will not be able to do this alone. It will take a great deal of partnership between the big ISPs and security companies that specialize in these threats. Whether the ISPs use a web security company that they are partnered with, or if they need to use outside help, it is clear that there will need to be some patience. This will not be an overnight transition but it will certainly be beneficial for anyone who uses the internet. The FCC has done a solid job in this case and we can only hope that they continue this trend into the future.

Tech writer EJ Parfitt has been writing for a while now and is a respected writer with Comcast Cable provider sites.  During his free time , you’re sure to see him competing in local chess tournaments in downtown Fort Lauderdale FL .