ISPs Should Strongly Consider MANRS to Fight Cybercrime: World Economic Forum Report Thumbnail
Strengthening the Internet 23 January 2020

ISPs Should Strongly Consider MANRS to Fight Cybercrime: World Economic Forum Report

By Adrian WanSenior Policy and Advocacy Manager

A World Economic Forum (WEF) report released today recommends that Internet Service Providers (ISPs) should strongly consider joining the Mutually Agreed Norms for Routing Security (MANRS) initiative to improve the security of the Internet’s global routing system.

Systemic security issues about how traffic is routed on the Internet make it a relatively easy target for criminals. MANRS helps reduce the most common routing threats and increase efficiency and transparency among ISPs on peering relationships.

The WEF Centre for Cybersecurity identifies four actionable principles as effective in preventing malicious activities from getting “down the pipes” from network providers to consumers in the report Cybercrime Prevention: Principles for Internet Service Providers, released today in Davos, Switzerland.

The principles were developed and tested over a year with leading ISPs around the world and multilateral organizations, including BT, Deutsche Telekom, Du Telecom, Europol, Global Cyber Alliance, Korea Telecom, Proximus, Saudi Telcom, Singtel, Telstra, and ITU, WEF says in a press release.

One of the principles is to “take action to shore up the security of routing and signalling to reinforce effective defence against attacks”, and MANRS, a global initiative supported by the Internet Society, is one of the recommendations to achieve the principle to secure the backbone of the Internet.

The other principles are: protect consumers by default from widespread cyberattacks and act collectively with peers to identify and respond to known threats; take action to raise awareness and understanding of threats and support consumers in protecting themselves and their networks; and work more closely with manufacturers and vendors of hardware, software, and infrastructure to increase minimum levels of security.

The set of principles focuses on the strategic actions that the ISPs should take to protect consumers from common online crimes, thereby helping to “clean up” the Internet on the whole, the report says.

Like a road network, the Internet has its own highways and intersections that consist of cables and routers. The navigation system that manages the flow of data around the network is called the Border Gateway Protocol (BGP). When you visited this website, BGP determined the path through which the site’s data would be transmitted to your device.

Criminals manipulate the ways in which traffic is routed on the Internet to launch attacks that bring down networks and services. Many such attacks are result of criminals violating the underlying assumptions relating to identity which are implicit in the routing, naming, and addressing systems on the Internet. Some attacks result in denial-of-service (DoS) that can damage both the reputation of affected organizations and their ability to conduct business operations.

MANRS helps ISPs to implement well-established industry best practices and technological solutions that can address the most common problems, including incorrect routing information, traffic with spoofed source IP addresses, and coordination and collaboration between networks.

The WEF report also says the MANRS Observatory is one of the model examples – along with BT’s Cyber Indes42 – to help better understand the positive impact of the principles and other such initiatives would contribute to making the case for wider adoption.

The WEF says they will now use its Platform for Shaping the Future of Cybersecurity and Digital Trust to drive adoption of the principles and seek to initiate a dialogue between public- and private-sector stakeholders on how governments can incentivize uptake and establish clearer policy frameworks and expectations.

Collaboration and shared responsibility are key to the success of MANRS. So far, 275 network operators and 45 Internet Exchange Points (IXPs) have signed on. By joining, these companies are working hard to secure the fabric of the Internet.

By working collaboratively, ISPs will be better placed to protect their customers and defend their own networks than if they work alone. Routing security is vital to the stability and resilience of the Internet. Join us to protect the Internet together.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Encryption 3 May 2023

Encryption Keeps Kids Safe Online

Policymakers are proposing laws that will weaken encryption. The EARN IT Act, STOP CSAM Act, and many other proposed...

Strengthening the Internet 7 April 2023

Another Successful NDSS Symposium

Almost 500 leading academics, industry researchers, and security practitioners from around the world gathered in San Diego, California in February for...

Strengthening the Internet 24 March 2023

Fostering the Next Generation at the NDSS Symposium

The NDSS Symposium fosters the next generation of Internet security leaders—like 16-Year-old California high school student Aditya Puri.