Priorities for the long term stability of the Internet



IGF 2010

Vilnius, Lithuania

14 September 10

Session 28

1130

ICANN



********

Note: The following is the output of the real-time captioning taken during Fifth Meeting of the IGF, in Vilnius. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.

********





>> BILL GRAHAM: Ladies and gentlemen, I think we're ready to start.  If you'd please take your seats.  Welcome to Workshop 28, which is on priorities for the long-term stability of the Internet.  This is a workshop that's organized by the European Commission, the Internet Society, the government of the Netherlands and the regulatory agency of our host country, Lithuania.  We have a very full programme today.  It consists of three segments, which I'll explain to you as each segment arrives, but we are honored today to have Mrs. Neelie Kroes, European Commissioner, to open the session.  Neelie is vice president, as I said, of the European Commission, and she is well-known as a successful guardian of competition in Europe.  Those of you who have been at the Brussels ICANN meeting will remember her very interesting and topical opening speech, so we're very pleased to have her open this session as well.  Neelie?



>> NEELIE KROES: Thank you so much for your kind wording.  I'll do my utmost to fulfill also in this challenging portfolio what we have today.  I'm absolutely aware that talking about a digital agenda and talking about long-term stability of the Internet, there is still a lot to do and that we have to do it together, and that is the challenge for me to join this -- this workshop, and I think that if we are indeed successful in getting a step forward, then it makes sense to have an open dialogue and having an open discussion, so to say.

Having said that, I, of course, also want to thank all those who are participating, but not also participating but who are just taking the initiative and who are organizers for this workshop.  It's not only the (off microphone) authority of the Republic of Lithuania, it is indeed the Dutch government, it is the Internet Society, it's the Tama University, Japan, and with those organizers I think we can deal with this challenge.

Speakers from different stakeholder groups from the U.S., from Latin America, from Asia, from Africa and Europe, well, it is a global event, so to say, and that helps ensure the geographical but also the cultural diversity that we need in order to address the topic from a broad range of perspectives, and that is where a dialogue is indeed making sense, and stability of the Internet is a multifaceted issue.  It is a topic that concerns users all over the world, and when we in Europe are faced for the digital agenda and taking it as a challenge, and I'm just advocating the implementation of the digital agenda, one of those issues is indeed that users should be aware that it's going to be trusted, but still a lot has to be done.

It will be interesting to hear what challenges different regions and stakeholders face, what's the highest concerns and priorities -- what the highest concerns and priorities are, and whether addressing them, they see the development of some form of globally shared principles as a useful tool.  And I'm not in the mood to sound -- to sound too alarmist.  There is a lot that can go wrong, no doubt about that, but from (off microphone) and the manifestation of natural disasters, take malicious inventions targeting our networks at (off microphone) or at the edges, and we all know examples in the recent years include submarine cable cuts in the Pacific, the Mediterranean, or the denial of service attack against Estonia, but to help to structure the discussion, I believe one can group those risks in a couple of categories, such as deliberate attacks, disruption of the physical infrastructure, incidents affecting the routing system stretched to the domain name system, and just a few of the risks.

There is also good news dimension, and that is that Internet has proven until now to be remarkably robust and resilient.  That doesn't mean, however, that there is no necessity for a continuous effort to address stability threats, and I sincerely welcome your intention to be very concrete in your discussions, trying to find where international collaboration is needed, and of course if you do so, I have no doubt all relevant stakeholders will hear valuable messages of the IGF.

If you allow me to make a final remark, I would like to reassure you the fact that this introduction is given by somebody who is neither a techy nor a business woman does not mean that governments want to take over the Internet, so let that be clear.  And if that message is taken, I am absolutely certain that we are combining the thought that the private sector must continue to play the leading role, and I'm talking about leading role in the daily management of the Internet, and we recognize the value of the multi-stakeholder approach in this success story, for it is a success story.

Governments do realise -- have to realise, so to say, the public policy dimension of this medium, and it's important for societies at large, and it is therefore natural that governments have an interest in knowing what else is being done and what could be done to further reinforce the stability (off microphone) of the Internet, and it's a bit like the oil leak in the Gulf of Mexico.  Everyone started at a certain moment and quite early in blaming B.P., but if things go for the worst, it is the president of the United States who is called upon to act, and that is where we are absolutely aware of that.  At the end of the day governments have to face their responsibility too.

And that, I imagine, is the spirit of the discussion.  On principles of the Internet, resilience and stability, member states and European Union are already conducting, the Commission is providing a facilitating role and that's it.  Unfortunately other commitments prevent me from staying here too long, but I will stay for the start of your discussion.  Thank you very much and I sincerely hope that your conclusions are to be taken home to Brussels and are not only important for Brussels but are important for a lot of other capitals, so to say, around the globe.  Thank you.

(Applause)



>> BILL GRAHAM: Thank you very much, commissioner, for that very positive statement starting off our session this morning.  I hope we'll be able to live up to your expectations and provide the kind of input that will be useful to you.

First let me just briefly apologize to Tama University for forgetting to name Izumi as one of the co-organizers.  I'm sorry for the oversight.  Secondly, I also want to draw attention to the fact that we have remote participants and we have a remote participation moderator, so I expect we'll be getting some questions and comments from people following this session who are not able to be on-site.

There are three sessions to this workshop, and we have many speakers, so I don't want to take up very much time as moderator, just to say that the first session we've asked our speakers to very briefly provide clear and -- a clear and challenging statement about a real genuine possible threat to the Internet, and these are all people who are working in operational fields, so we've really phrased the question, what keeps you awake at night worrying about the long-term stability of the Internet, trying to get away from some of the speculation that goes on and down to real cases.

Following along with that second segment is presented by the regulatory authority of Lithuania, which is a case study of some actions that the authority is taking to deal with threats to stability of the Internet.

And then the third session we'll have three colleagues trying to help us to map the issues and the organisations working on the threats that have been identified, and if we're really lucky, we'll also be able to identify some gaps, which would be an excellent output, I think, from this workshop, if we can provide advice to others that they can take up to help with the -- the multi-stakeholder approach to increasing the stability of the Internet.

So without any further comments from me, I'd like to introduce our first group of panelists, I'll mention their names each as they're due to speak.  Our first group of panelists I will mention their names, VeriSign based in (off microphone) due to speak.  Shoot me now (laughter) Afilias based in Philadelphia.



>> RAM MOHAN: Thank you, and Danny here is from VeriSign.  Some of you -- do we have a sound technician in the room?  Hopefully this will work.  Thank you so much.  As some of you know, a big part of my day job involves the operation and -- the operation and management of top-level domains at Afilias.  In total we manage about 17 million domain names.  We run a total network of domain name servers and those are responsible for answering billions of queries every day.  In running this network we get probed and attacked every day, sometimes in a small way and sometimes in a huge way.  In addition I spend time working with many of the people here on today's panel implementing solutions and working on technologies that enable the core of the Internet to just work.

Now, many of the protocols used on the Internet were developed during a period when the number of infrastructure providers was limited and trust between each of these providers could be assumed.  Hence, communication and interaction inside of the DNS, as we know it today, often presumes trust and sends sensitive data in a completely open manner.  Credentials are sent in the clear.  DNS requests and replies were expected to be performed with fidelity, and the authenticity of self-declared identities is taken for granted right now on the DNS.

Well, one of the biggest areas of concern for me for the Internet as a whole is the pervasive and malicious impact of distributed denial of service attacks, or DDOS attacks.  Denial of service attack by itself is characterized by an explicit attempt by the attackers to prevent legitimate users of the servers from using that service.  Attacks can be directed at any network device, including attacks on routing devices and Web servers, email servers, or DNS servers themselves.

Now, if an attacker mounts the attack from a single host, we would classify that as just a denial of service attack.  On the other hand, if the attacker uses thousands of systems to simultaneously launch attacks against a remote host, that would be classified a DDOS attack, and clearly the major advantage to the attacker using a distributed denial of service attack is that the multiple machines that are used, generate more attack traffic than just one machine.  That's a clear thing.

But the other piece is that it's harder to turn off such an attack because it's coming at you from many different places at the same time, and in many cases because the DNS uses this implied -- implicit trust mechanism, the attackers come in masquerading who they are.  They say they are somebody when they really aren't that person.  They say they're coming in from a particular IP address when it really isn't that IP address.

And on the receiving side folks like us end up having to treat all of the requests that come in as if they are real and legitimate and respond to every one of these attacks in a complete and reliable manner.

Users itself -- users themselves on the DNS, they expect the DNS to respond properly, accurately and quickly, and they expect that the DNS is going to be available at all times.  And a DDOS attack can severely disrupt such expectations.  In fact, a well orchestrated DDOS attack has the capability, in my opinion, to shut down major parts of the Internet's core infrastructure by keeping it so busy answering bogus queries that it cannot handle real requests.

The scale and size of DDOS attacks have increased dramatically in just the past five years.  We were seeing attacks that were typically, you know, 10 gigabits per second in the 2005-2006 time frame.  Right now there are established reports of attacks, DDOS attacks at more than 50 gigabits per second.  Now, 50 gigabits per second is itself a big attack, but the problem is that a 50 gigabits per second attack is only the tip of the iceberg.  The reason I say that is because of the proliferation of Botnets, and Botnets have become far and away the most popular way to execute DDOS attacks.

Now, depending on what kind of Botnets are present, the scale of DDOS attacks can be really ramped up.  In fact, this year it has come to our attention that you can now buy DDOS attacks using Botnets.  The Botnet operators have become sophisticated.  They offered a cloud-based Botnet DDOS services, where you can pay as you go, and depending how much you pay, the size of DDOS attack can be increased, ramped up or taken down.  In fact, some of the Botnet operators even offer you guaranteed email delivery.  They provide you service level agreements, the kinds of things you expect from the legitimate part of the Internet, that's happening on the bad part of the Internet as well.

Now, the reason I'm worried about DDOS and its combination with Botnets is the fact that you no longer need a large Botnet to shut down pieces of the Internet.  A small Botnet is enough to take down core infrastructure, to take down significant pieces of a nation's infrastructure or of corporations themselves.  So you don't have to take down the entire Internet.  You simply have to disrupt a few important pieces of it and everybody, or a large number of people get impacted, right?  Imagine if, you know, Gmail went down, or imagine if Twitter went down, right?  These are services that are used.  It's not the entire Internet, but it certainly is representative in a large way.

The piece as an operator that I am probably the most concerned about -- specific -- even more specific inside of DDOS and Botnets is what I call the growing provisioning gap.  The gap between those who attack and those of us who respond and defend is increasing.  The problem is that it's pretty easy for somebody who is running Botnets to increase the number of Botnets by hundreds of thousands in a very rapid way.  It's not nearly so easy on the responding side to increase your provisioning and your infrastructure to provide proper responses, and I really am concerned that we have to have careful management and marshaling of resources.  Simply regulating it doesn't solve the problem, but it's going to require a significant level of investment, involvement from private operators along with coordination from the public sector, because I worry that the provisioning gap, if not addressed appropriately, is going to cause a significant problem with the long-term stability of the Internet.



>> BILL GRAHAM: Thanks very much, Ram.  Well, that should help us all lose some sleep at night, and I think -- our second speaker is Danny McPherson, vice president network security research, really at VeriSign labs.



>> DANNY McPHERSON: I'm Danny.  I am at VeriSign.  I'm going to speak on a couple of topics, actually.  I know some of you have opportunity to join the resource certification, the last workshop.  It deals a lot with Internet allocation and resource certification, and on the -- in the Internet routing system today there is no authoritative source for determining who holds what resources, and absent that source you can't secure the routing system.  What that means in practice is it means on the Internet anyone can pretty much assert reachability for anyone else's address space, and there's sort of no recourse, no capability to stop that or to verify and ideally prevent that capability, and that's a huge vulnerability because, you know, the routing system itself sets up the reachability, and then everything else on top of that employs that reachability.  So DNS and applications and even Botnets don't work if the routing system doesn't work.  So that's a huge challenge in and of itself.

The DNS system is hierarchical and distributed but also as Ram points out prone to becoming a target of attacks, so the counter measures and the mitigation controls and the controls that can be put in place are extremely important as well.

One other thing that I would touch on as important is sort of, Ram talked about the proliferation of Botnets, and today if you consider sort of the Internet security landscape, every two minutes a piece of malicious software is released on the Internet.  There's no way that virus detection capabilities in IDSs or AV can be updated in time to protect against that.  As a matter of fact they're inherently reactive.  And so finding ways to balance -- you know, balance proactive capabilities to protect consumers of this resource or systems on the Internet, you know, in a model where a completely patched system with the most up-to-date AV is protected from probably 80% of the unique threats on the Internet on a given day is a huge challenge, and it requires, you know, global coordination and acknowledgment this is a global resource and policy development, because this is a shared global infrastructure and global medium, and, you know, and some of the information or data sharing capabilities that don't exist today are extremely important to enable end systems to be better protected against certain types of threats.  

And to summarize, I think the routing system and the DNS being systemic and global in nature, then sort of the malware threat are a couple of the highlights that, you know, I would emphasize on the panel today.



>> BILL GRAHAM: Thanks very much, Danny.  Our third speaker this morning is Alain Aina, special project manager for -- special networks engineer.



>> ALAIN AINA: Thank you.  For the next five minutes I'm going to focus on the threat, the new protocol and new services are bringing to the net, and which can have impacts on the long-term Internet stability.

The Internet (off microphone) where we need to improve or make -- make changes, I'm going to talk about a few.  Right now we are talking about moving from -- from IPv4 to IPv6.  This is a big challenge, and then the network needs to be upgraded, but at the same time people are working on some mechanism for maybe to share IPv4 and in the (off microphone) time when we are moving to IPv6.  So -- IPv6, or IPv4 sharing we can -- and the protocol, the protocol translation from -- between IPv4 to IPv6 (off microphone) are bringing complexity -- bring this complexity to the Internet and may impact the stability of the Internet.

At the same time we are moving from the system (off microphone) to 32 BSN.  I know in the committee people forget about these things, so we're also move from the system 30 BSN to 32, and (off microphone) also ways which it may have impact on the routing.  We have room for routing rules (off microphone).  This con also can impact the stability of the Internet.  At that time IDN, so IDN -- but there's no protocol or no guideline on how to apply IDN, mainly at the TLD level.  And there are some issues with how we -- very strange collision across the language and (off microphone) issue with the idea, and so we have work to be done there, and if not could impact us, the long-term stability of the Internet.  DNSSEC is also something we have to -- everyone is aware that the (off microphone) has been signed, DNSSEC, signing zone and validation.  DNSSEC bring complexity to the Internet.  We have to agree on that.  And also room for DDOS attacks, and to give (off microphone) we have seen recently two or three days ago some issue with a large zone (off microphone) because they have (off microphone) and have to move to the backup system and something happened and then if you want to continue validating then, you need to flood your cache to get the (off microphone) so that's also where we've got some concern.

Next point is -- around DNSSEC.  Okay.  Some of the -- what we call -- what I prefer to call resist (off microphone) of developing countries, now keeping copy of route and some of the large TLDs, so there is some concern, if this TLD got signed, so want to be (off microphone) contact people to keep getting copy of the signed zones for this large critical TLDs.  So (off microphone) RPKI, RPKI, like Danny said, will bring complexities and people need to be careful about how we deploy it, how we monitor it, et cetera, et cetera.  Otherwise it can also impact the long-term stability of the Internet.

So there are good news.  Good news.  So I just -- talking about bad things but good news.  The Internet has managed to survive to major (off microphone) and we hope it will, but we need (off microphone) reading capacities (off microphone) developing country and better coordination/collaboration among the players, and I think it will work.  Thank you, Chairman.



>> BILL GRAHAM: Thanks very much for that, Alain, that's an interesting perspective, on the down sides of these improvements, or the potential down sides if they're not planned for correctly.

Our next speaker is Mr. Paul Vixie, and -- let me see.  Paul is -- I've lost his bio.  Paul is with Internet Systems Consortium in the Washington area.  Paul?



>> PAUL VIXIE: Thank you.  I am certainly glad to be here.  I am the Chairman of the board of trustees for ARIN, which is one of the RIRs but I am here to talk about the work I've done as part of the security and stability committee.  I think this was the 2002, so quite a long time ago, and the information was somewhat old even then.

So Ram in his presentation talked about the fact that as a DNS service provider it is necessary to answer all the queries that you receive, and he mentioned that some of them are not true queries.  They are faked.  So I wanted to expand on that.

It's making it act up.  What do I do?

Okay.  So we talk about Internet addresses.  Certainly there's a lot of news right now running out of IPv4, running to IPv6.  These addresses are the addresses used on Internet packets, and all of the -- pull it closer -- and all of the Web traffic and all of the traffic that we ever do with our laptops and our servers and the entire Internet traffic load is divided up into these packets, every one of which has two addresses, one to say where it's going and one to say where it's come from.  And I am here to remind everyone that the address showing where the packet came from is not secured in any way.  

So if you imagine that this panel was made up of Internet hosts, I can transmit a packet to Danny claiming that it is from Ram, and Danny will not answer me, he will answer Ram.  So what that means in practice is that if I send a lot of packets to Danny that cause Danny to send a lot of responses, he's going to send those responses to Ram.  If I send packets to everybody on the panel claiming they're from Ram, Ram gets all the responses.  That's a lot of responses, especially for DNSSEC where the responses are much larger than the requests.  So it's a very cheap attack to launch and a very expensive attack to defend, which I think is what Ram's point was.  But it's actually much more pervasive than just that.

I can send a whole bunch of people attack traffic claiming that it's from Ram, causing his support following to ring off the hook with complaints about why he is attacking their computers.  This is not news.  The Internet has always worked this way.  There is a relatively trivial technology with standardized IETF, standardized I think back in 1998.  There's an RFC, BCP.  I wrote a short four-page executive summary for non-technologists in 2000 for the ICANN security and stability committee asking them to please take a look at this because it's a great gaping hole and it's still there.  Nobody has done anything.

The (off microphone), Cisco, Juniper, have added features to their platform to allow them to control this kind of thing, but by its nature you can only control this if you are very close to the source.  In other words, you can prevent your customers, ISP can prevent its own customer from forging addresses that do not belong to that ISP, because they know, hey, you're my customer.  I know what addresses I gave you.  You're not using those so I'm going to drop those packets on the floor.  That works.

But at a larger distance it doesn't work.  So if you were talking to someone else's customers, their traffic has passed through enough different routers that you can't prove that they're false, so you can't tell the difference between a fake one and a true one, and that is the state of affairs as it exists today.  There is no large ISP in any country who has turned on this feature in every Cisco router and every Juniper router that they have.  There is no company that enforces this against their own customers because there's no economic incentive to enforce it against their own customers because to do so they drive their own operations costs up and the only protection they offer is to other people's customers.  So to drive your costs up in order to help your competitors save money on attacks is senseless.  It makes no business sense, and until we solve this, every other problem that we face in Internet infrastructure will be amplified, and Internet will be very fragile when it really should be very resilient given how much we depend on it.  Thank you.



>> BILL GRAHAM: Thanks very much, Paul.

The next speaker is Hillar Aarelaid, from the Estonian CERT, and apologies for my pronunciation.



>> HILLAR AARELAID: Good morning, everyone.  My name is Hillar Aarelaid.  Sorry about this very difficult name.  I'm from a Nordic country called Estonia.  It's a nice place to live.  Yes, it gets cold in the wintertime but we don't have any problems.  Yes, little ones but no big problems.

I tried to prepare for this panel yesterday and I asked my daughter, she's 6, why Internet is important.  The answer came very, very quickly.  Water (off microphone) no, no, no, I told her, water doesn't come from this wire.  It's a tube, not an Internet.  Water doesn't come from it.  Okay.  Pay your bills, you pay your water and electricity bills on the Internet, so it is Internet, there is no water.  She was so, so happy she proved her point.  So water coming from Internet.  This is actually not a joke at all.  Yes, milk, bread and (off microphone) came from Internet in Estonia already in 2006.  Yes, there are nations out there who actually depend on the Internet so much that two or three days (off microphone) routing or DNS or some 49 gigs of little bitty piece -- 38 packages towards us will kill the nation.

Can I do something about it?  I don't know.  It's nice and cozy country.  We don't have very much problems.  (off microphone) our neighbors.  We have the same thing Paul said, keep your backyard clean.  If you're looking on some finished CERT reports, every year say (off microphone) we have cleaned our country.  Yes, we went even so far to declare (off microphone) 38 as a role.  So we just try to keep clean our little country, to be responsible from this little piece of land, to clean up this (off microphone), to clean up this (off microphone), and yes, we hope so that the big boys (off microphone) will take care of core.  If we clean our small home user space (off microphone).  Thank you.



>> BILL GRAHAM: Thank you very much.  Our next speaker is Max Senges, with Google.



>> MAX SENGES: Let me start by saying I was surprised actually about the title, because the stability of the Internet is something that is somehow an oxymoron, isn't it?  The Internet is a flow, it's constantly evolving.  I guess it's an equilibrium and a well-functioning that we're seeking.  I'm more thinking of the conceptualization of complex adaptive systems and how you can apply that to the net.

So of course I totally agree with my -- because before on DDOS attacks, spam and malware, basically creating a type of immune system for the Web, however, I'd like to basically take a little bit more of a macro approach or look behind the scenes and look at the structures that create that immune system, in fact I felt it was very interesting but a colleague from Washington mentioned, you know, that there is no -- that the access providers or the ISPs are not voluntarily switching on certain functions for the better of them all, and evening that is actually not the historic way the Internet Governance developed.  I think running code rough consensus, innovation (off microphone) all these are classic terms that really depend on cooperation and on the different actors and stakeholders working together, and we were asked to provide -- or focus on one specific piece of danger that we see for the continuation of this great success story that is the Internet, and I think my fear would be that we get to some kind of a central gatekeeper that exercises more control over the Internet, and I would really much appreciate the comment from the colleague from the European Commission.  She said, you know, she's part of that environment, you know, basically the politicians, the private sector and the civil society have to work together to make this happen.  So the point I wanted to stress is that Internet Governance is a process, and it should be a cooperative process between the different stakeholders.

As an analogy and maybe recommendation for reading, Jeanette Hofmann published a great piece comparing the government systems of the financial systems and the Internet, basically, you know, alluding to the fact that if we don't take care and get the Internet Governance topic right, then we're steering towards a similar scenario that we are seeing with the financial sector.

Now, doesn't mean, you know, I'm asking for the Internet to go regulated.  Quite the contrary.  I think the combination and the agreements, that voluntary nature is what we want to find and consensus scenarios rather than, you know, either letting completely loose or having outsiders, let's say, which is the politicians that are of course concerned with the best for the people but are not running the services so they're not as deep into all these technical issues that have been mentioned before.

So there's the open neutral architecture, the layered approach (off microphone) open standards that make up the Internet Governance scenario that we have right now, and in particular I'd like to point out four principles because that was what we laid out in the -- in the description and in the setup of the workshop that we believe are essential for the Internet to continue the way that it evolved so far so successfully.

So no blocking or degrading of lawful Internet traffic, so basically everything besides spam and very specifically defined traffic that is legal should not be blocked.  Second, no anticompetitive behavior, so no favoring of your own traffic and similar arrangements.  Third, transparency of relevant information, so basically if traffic management takes place, the information should be very clear to the user what kind of traffic management is taking place when and for what reasons.  I would add in a personal capacity that ideally that should be realtime.  You want to know, okay, now my Skype video chat is changing to voice only because there is too much traffic in the counterpart somewhere between the route.  This is the kind of detail I would like to see and I think would be very helpful for developments in general.

And last, as a last resort, obviously governments have the means to conduct oversight and enforce the rules that have been agreed upon.  For example, in the U.S. (off microphone) brought an Internet advisory group, BITAG, and these kinds of cooperative setups I think is the future and is -- it's a very stable and good approach for keeping the Internet stable or evolving in the way that we want it to go.  And maybe just as a small pointer also, in the context of the IGF there is the Dynamic Coalition on Internet rights and principles, which of course on the one hand tries to transpose human rights with the on-line scenario but is also concerned with defining the principles that are actually underlying, mostly on the technical sphere, and I think we would get one step further in this development at the IGF in the context of this group and the wider IGF discussions we would make progress defining these principles that we want to see.  Thank you.



>> BILL GRAHAM: Thanks, Max.  That's an interesting perspective on this topic.

Turning now to Theresa Swinehart, who is executive director of global Internet policy at Verizon.  Theresa, please?



>> THERESA SWINEHART: Thanks, Bill.  Does this work okay?  I'm not a technical person by any means, but seem to be involved in discussions around policy.  I'm just going to make a few quick observations and really -- is this working okay?  I'm having a hard time hearing.  The one area that I think is going to be a priority moving forward is a threat of not effectively leveraging initiatives that are intended --



>> Maybe unplug it.



>> THERESA SWINEHART: Just unplug it?  I'll try again.  So one of the -- one of the challenges moving forward and given the descriptions of some of the real technical threats that exist and the realities of many of these is not effectively leveraging initiatives that are actually intended to help mitigate the threats, both vertically and horizontally, and I would look at this from the technical side, policy side and scaling of information and resources and I'll just touch on each of those very quickly.

On the technical side there's enormous amounts of work being undertaken on capacity building initiatives, training, all sorts of other things.  There was a workshop this morning on ccTLDs in Africa and the importance of strengthening ccTLD capacities to absorb attacks, various other things.  Internet Society has done work on peering arrangements, things of that sort.  Verizon and many other companies are involved in initiatives to really strengthen the network and make sure there's a preparedness factor.

So looking at these kinds of trainings and capacity building and ensuring on a global level that with increased capacity it's coming to different parts of the world, is their preparedness for what comes with that, the difference in attacks, the kinds of attacks that come with that.  So I think that's one area that's going to require some further awareness.

In the policy discussions, that they continue to be multi-state (off microphone), that one continues to have consensus oriented policy discussions.  It's the best way to have an insurance towards the future.  It's the best way to find creative solutions that address issues that come forward.  You mentioned the BITAG, the broadband technical advisory group that Verizon is participating in as well.  These are important issues that are happening because they're trying to find a way to approach solutions.

If you take a look then at the scalability factor on awareness information and leveraging of resources, how does one actually ensure that information is getting out there, vertically and horizontally, and I'll just give one example that's come close to home.  I had recently just had the opportunity to join Verizon, and they issued in July an annual data breach investigation report, and it's an exceptional report.  It was done in cooperation with the U.S. Secret Service, and it identifies a snapshot of cyber criminal activities and they have commonalities that exist of 141 cases.  98% of all data breached come from hack servers, 98% of these breaches were avoidable by means of simple intermediate controls.  85% of these attacks were not considered highly difficult.  These reports are being issued by companies.  There's many who are doing these kinds of things.  How -- how can one utilize and get that information out there?  They provide ways to mitigate the circumstances that are coming forward.

So when I would look at the discussion happening here, we know that there's technical issues going on.  We understand that there's threats of attack.  We also know that there's a lot of resources and information and awareness out there, but how do we best ensure that there's better vertical and horizontal integration of that on a global level as we move forward into that in the future.  So I would highlight that as an issue that needs to be looked at.



>> BILL GRAHAM: Thanks, Theresa.  That's very useful.

Our final speaker in this first section is Raul Echeberria, who is executive director of LACNIC in -- resource agency in Latin America and president of the board of trustees of the Internet Society.  Raul?



>> RAUL ECHEBERRIA: Thank you.  I'm the one that is expecting to receive the luggage today.  I'm -- I think Alain mentioned something before about -- before IPv6, when we speak about potential risk for the next future, I will make a comment here.  It is difficult to speak about the long-term challenges on the Internet.  I think that's if the (off microphone) could have been challenges for the short-term or midterm probably we would be speaking about the same things.  (laughter).

So the challenges, obviously the transition from IPv4 to IPv6 is one of the big challenges that we are facing.  I think that's -- while this is obviously a (off microphone) term of instability of the Internet, it is also important to say that there are many people working around this issue, to provide the best situation, the best possible transition.

I think that the question is if there will be problems in this transition from IPv4 to IPv6, and the answer is yes.  The introduction of any other technological component, the introduction of IPv6 will produce the need for refinements of the technology and other (off microphone), but if the question is will it impact in some way to Internet users, the answer is I don't think so.

So the good thing is that the problems will be perceived, in my view, for those that should perceive the problems, the people involved within IETF, in the operator groups, and in other technical communities that deal with the problems in the -- in the way that the problems will appear.  So I think that's the -- it is potentially a risk, it will create problems but the problems will be short-term with the tools we are managing today and the mechanism we have currently that are working on this issue.  So I don't see major problems on that.

But it's going to another point.  It is difficult to me to think in the stability of the Internet without thinking about integrity of the network, the resilience of the Internet.  And I agree with the comment that Max made before in terms that it is important to speak about the stability of the Internet because the stability -- the Internet, by definition, is something that is not very stable, and it is in permanent evolution.  But I think that when we speak about stability, all of us understand what we are talking about.

But in taking this interpretation of the stability, I think it is impossible to speak about stability without speaking about integrity of the network, because it would not be useful to have all (off microphone) working well if we have thousands of networks working -- isolated and not integrated as we know the Internet today.  And what are -- where is the risk of (off microphone) the new are coming from, and probably they are not coming from (off microphone), they are coming from other places, like all the (off microphone) we're seeing today regarding (off microphone) tragedies, one of the points -- one of the (off microphone) which some risk to them -- the integrity of the networks could emerge.  But it's not only this one.  It is also important to have in mind the (off microphone) could be producing (off microphone) also political reasons.  

My personal view is that this community has not been dealing as seriously as we should have done in those years with this problem of the fragmentation -- because the Internet has been at risk for many years, before the debate -- the debate for business resource came up.  Now the free flow of information from point to point is something -- it's a very serious problem in the world, and we should (off microphone) with that, and this is probably one of the major challenges that we are facing in terms of integrity of the network.

My last point is that other motivation -- other reason for discussion could be the regulation, the regulation in trying to deal in good faith with problems like cybersecurity, cybercrime and other problems, in which we share objectives but probably the decisions that could be taken in order to achieve the most -- the best results could be wrong and create an overregulation that could produce some problems in the network.  So I think that other colleagues have spoken about other technical challenges for the next future.  I just wanted to mention these few points.  I think that IPv4, IPv6 is an important point but I think that the community is dealing in the proper way with this problem -- with this point, and I call the attention of the people to the other challenges that come from a nontechnical alias.  Thank you.



>> BILL GRAHAM: Thanks very much, Raul.  So there we have it from our set of experts, and what I heard was essentially three things here.  First off there are a number of threats on the stability side, ranging from malicious attacks and other threats caused by bad guys, to on the other side threats created by issues around implementation of various measures that are meant to improve the Internet, and those threats arise in part from the complexity of the Internet system but also from -- from the need for appropriate skills to take on that implementation.

On the second side there are policy threats, and those, if I heard correctly, largely come from the subtlety of the interrelationships of the various actors in the Internet ecosystem and the multi-stakeholder model and the need to really understand the complexity of all those relationships when establishing an appropriate policy concerning the Internet and the -- trying to maintain the stability of the Internet.

And the third point, I guess, is really relevant to both the technical and policy threats that were identified, and that is the need to have capacity-building measures in place to deal with this.  It's not only a question of technology, it's not only a question of policy, it's a question of having people in all the countries and economies in the world who are able to work at the interface of the technical and policy environments.  So those kinds of special skills need to be developed, and frankly, that's not something that I'm aware of many programmes established to address the interface issues.

Looking at the clock here, we're actually keeping pretty good time.  I think we have 10 to 15 minutes for questions here.  Again, I would like to say to our remote participants, we will be calling for any questions that might be there, but first I'd like to see if there's anyone in the room here who has a question, and I'd ask the -- Andrea, the remote moderator to let me know if anything comes up there.  Anyone within the room who would like to arise with a point or a question?  Back here?



>> There's -- oh, there isn't a mic on the floor.  That will slow us down a lot.  Paul, thank you.



>> Right.  Thank you, Paul.



>> Thank you -- thank you very much.  My name is --



>> BILL GRAHAM: Please provide your name and affiliation -- I forgot to say that.



>> No problem.  I'm Andrew Kusion, I'm one of the investors for this year and I also work for Vodafone in New Zealand, and I'm a director of the Internet service provider in New Zealand as well.  I therefore come from a predominantly telecom perspective to some of these questions, and I'm delighted to see (off microphone) invoked in this conversation, indeed the network operators are a very important part of solving some of the challenges that are talked about in the decision today.

A couple thoughts from me regarding some of the specific elements that came up, and please forgive me if I can't remember your names.  I feel very rude.  But to the gentleman on the end here, you were indeed right, that there is equipment that we as operators have available that can help solve some of the problems that you mentioned.  And, in fact, where there isn't a reason for collaboration, it can be very difficult to justify the investments involved to enable those features.  However, I am aware that there are in a number of jurisdictions, there are organisations and collaboration between operators that can provide a mechanism for solving issues such as that whereby operators can come together, self-regulate and cooperate on matters of mutual interest, and I would encourage that whereby organisations see that there is a need to seek out those bodies within the various jurisdictions and see whether or not there is a possibility to solve it in those ways.  IPv6 is indeed a challenge and operators are moving towards refreshing their equipment and enabling it on their networks.  I know we certainly are as well.

And I guess the final point here, I don't necessarily want to kick off a (off microphone) neutrality debate, but the only problem I would have is there is essentially a scarcity issue here, and whenever there's a scarcity issue, and it's quite pronounced in New Zealand when you get to international connectivity, you must make choices about how do you prioritize.  Otherwise you run the risk that everything becomes horrible.  So I like the point that indeed transparency could be a good start, but nevertheless there is a need for more principles to say, what can you do in order to manage scarcity and overdemand on a scarce Internet resource.

So those are some thoughts from me.  I encourage any of the speakers in terms of the questioners, what else can operators do to cease with the sorts of challenges that you see and how can I, as the employee of an operator, contribute more to the sorts of issues that have been discussed.  Thank you.



>> BILL GRAHAM: Thank you, Andrew.  Anyone on the panel want to pick up on those points or respond?  No?  Max, please.



>> MAX SENGES: Well, it's not directly a response but more an offer to say that talking about these principles and you're saying, you know, we've talked about some of them.  There might be more.  I'd be happy to follow up with the other folks on the panel and volunteers in the room and try to nail these principles down.  I've already mentioned one place where, you know, they could be contributed.  I'm happy to consider others or to have them as a separate contribution from the organizers workshop or otherwise.



>> Thanks, Ram.



>> RAM MOHAN: Thank you.  Thank you for comments.  I think the -- one of the issues is not simply about scarcity, but when you have, say, as I was saying earlier, when you have something like a DDOS attack, or you have a tremendous amount of traffic coming -- attacking you, coming at you from multiple different places, I think it's important as operators and as network providers to have the ability to shape, to inspect, shape traffic and to make priority decisions.

So in that area you may have provisioned a huge amount of bandwidth, but it's very easy to overwhelm all of that bandwidth and to consume all of that.  So I think some sort of a balance where the principles say that, you know, if you're an operator you should still be able to provide some shaping to the traffic that's coming through, so that you let good stuff through.  And I know that there is a -- there's a delicate balance between what is really good, but certainly when there is a DDOS attack coming through, it's pretty clear that --



>> -- the end user is going to be impacted (audio difficulties).



>> RYTIS RAINYS: Happens somewhere, somewhere in an exact place, locally.  So it's a particular country.  Therefore, the issue about the ability of this particular country to resist, to get the most effective way to recognize a (off microphone), it's an important question, and we want to discuss those issues in the context of this meeting.

First of all I would like you to know some things about our country.  First of all, Internet access speeds growing very quickly.  We have a huge number of cyber (off microphone) rates of the mobile networks.  Some of you may say that those guys have a lot of infrastructure, why they should care about those threats, you know, because a lot of networks have (off microphone), and things like that.  However -- okay.  So one of the things to ask, those are things that the investment -- broadband are growing.  Most are growing because the demand for Internet is growing, and -- demand is growing because people are working more and more on the Internet.  They perform (off microphone) on the Internet and therefore we come to the conclusion that people are becoming dependent on that infrastructure, so as they do on other infrastructures.  It's important that infrastructure was not created as a critical infrastructure.  It's a network of networks, independently operated networks, that appropriate attention should be given to the stable operation of the network organizational level, and here is a gap.  And we as a (off microphone) cares about the controls of the stakeholders.  We consider (off microphone) of the networks is important, and what's next?  How to contribute to the stable operation of the networks.  First of all, of course, we have to learn about it.  There is a huge amount of questions that we are asking ourselves.  Do we know what the infrastructure looks like as a whole?  Do we know about how the network sites are connected?  Do we know what are critical nodes in our infrastructure?  Do we know how the security incidents that we do have most affect our stability of our networks?  The answer was no, no, no, no, you know?

So the main priority of -- of our approach is to learn about ourselves, to learn about our national network infrastructure, just to be able to contribute to the stable operation of it.  In order to reach that objective we started with the concrete task, the first of which is to describe the national (off microphone) network, to look how it looks from the top, you know, as a collection of our national ISPs, analyzing the information, we were trying to define the critical nodes that may affect operation of that network.  We performed regular collection of the data from 2007, where a huge amount of data was accumulated in a dedicated database, which allowed us to visualize this information and to study it in more detail.  Based on that information we were able to identify the critical nodes and update it (off microphone) logically, and my colleague will present -- will present some of the key findings from those analyses.  Thank you.



>> Good afternoon, ladies and gentlemen.  Prolonging the presentation, taking in mind that (off microphone) not a big country, just (off microphone) inhabitants, we found our infrastructure quite huge, I would say, interconnected on the map you see, what we summarize it, more than 100 Internet service providers, 35 (off microphone) normal systems running, more than 600 connection lines from those connection lines approximately 200 type of connections and for (off microphone) type of connections.

So the infrastructure was interesting to supervise and to understand with what we are dealing for, and this infrastructure colliding with a huge amount of security incidents.  There's a national (off microphone) observed increase, 37 times the amount of security (off microphone) networks.  The biggest part of those incidents were found came from Botnets activities.  Nevertheless, we had service disruptions, which were responsible for the EP address distribution -- IP address distribution.  It influenced almost the whole Internet users.  We had several (off microphone) goes to Sweden networks and we are very dependent on several cables which connects our networks with international network.  We understood at that point that it's necessary to identify the critical nodes of our supervised infrastructure, and we came -- a decision was to develop metrics to identify those critical nodes within the (off microphone) network.  The key message there is (off microphone).  The development of common criteria to identify critical nodes, you should select the proper criteria to identify proper critical nodes.  We are working on that.  The list is presented.  Because of time (off microphone) I shall not go through all the criteria mentioned there, but it's led us to identify our critical nodes.

With the conclusion, next steps, we are thinking now -- actually at this level, in development, we identify critical nodes.  We are going forward to develop a model which could supervise and monitor the well-being of those critical nodes because they are really important for the proper functioning of all the things in Internet networks, because on those Interconnection nodes, well-being depends on other networks, smaller, for example, networks.

Finally, coming to the last point, final conclusion, I was thinking yesterday what I could say.  The only message was in my mind, a really interesting study made by Cisco and media global group about the future Internet, they developed studying what the future of Internet will be in the next 15 years.  It's really pretty important and really interesting to see that users -- almost two-thirds of world population will be using Internet each day, that actually Internet will come -- will be the fact of our life, not just a fun thing to use.  And everything will be connected on Internet and it will be connected -- it will be connected realtime.  I mean, we'll skip that -- we have now -- or disconnecting from the Internet.  Everything will be always connected.  It is an important message, I think.  It shows for us that our worship and task of ours, worship in the future will be even more important.  Thank you very much.

(Applause).



>> Thank you very much.  I'm aware you had to cut a lot of what you could say, but maybe I open now the floor to the audience to ask for the questions.  Then let me ask a question to you.  You said you were looking at a model to supervise the well-being of the Internet.  Now, as you are in a regional context with other countries, one of which was at the table this morning, are you cooperating with them or are you looking separately and talk later?



>> Currently we're looking just for our country Internet networks, and interconnection nodes that we are willing to supervise.  We are talking now with (off microphone).  We are willing to use simple network management protocol, which is de facto, use it in almost all ISPs, so that's when (off microphone) currently we are looking to the national level, but indeed it is the next step, it's connecting to the, for example, European level, if they (off microphone) will be in the contest as well.



>> Yeah, you know, after we prepared our first study we presented it in the independent group of regulators in Europe and ENISA, and we are trying to cooperate on those issues to have kind of a common approach, evaluation of the reliability of national infrastructure and to share ideas about how should be this done, and also about the possible implementation of the monitoring.  So we are trying to do a lot of things locally, but also to share our ideas globally.



>> Thank you.  From the lack of questions, Andrei, I assume from the audience you think this is a good idea, to monitor the well-being?  What other questions have you got?  Edgar?



>> Thank you, Michael.  I'm from the Netherlands.  My remark on the questions related as well to the first part of the presentation, the second part, related to the second part I think it is a very, very useful exercise (off microphone) has done by monitoring the Internet to develop -- and coming up with ideas and practice tools for implementation for improvement.  But the first idea and question that I already have after the first part of the presentation was, yes, we have many aspects, IPv6, we have (off microphone) which is improving global (off microphone).  We have -- we have the routing problem.  We have legal issues with different pens about that.  So reply question will be, of course, it's difficult to get an answer on that, is don't we need maybe in the IGF, I don't know, but at some level in the holistic view (off microphone) local loop, looking to Estonia, in which you can put the right things in the right boxes?  What steps should we take between now and three years in the technical area, organizationally, yes or no, do we need more mechanisms for cooperation, cybercrime or cybersecurity or (off microphone).  Solutions and answers, without ever taking a step and making an extra mile, but still I think there is a lack of transparency in having (off microphone) having the main things connected, who is doing the proper things and if we might make (off microphone) -- I call it -- if we make progress, it makes life easier, also on a national level to do (off microphone).  But I'm happy to hear your thoughts on that.



>> Thank you.  (off microphone)?  Okay.  Because you seem not to find anybody who contributes here.  There.  Could we get the mic up there too?



>> My name is (off microphone).  I'm here on behalf of the Internet exchange, quite a big (off microphone) in Holland.  I was wondering, it's an interesting presentation you gave, and looking at the whole monitoring scheme, I think in some bullet point you mentioned, you know, that you would be able when you monitored all that you would be able to react as fast as possible.  Is there anything -- could you be more specific about that?  What kind of ideas are there?  Any like already things that you have in place as far as (off microphone) go or what you could actually do if there is a particular (off microphone) problem?  What your reaction would then be, what is your authority then?



>> Actually, at first we identify, for example, incidents.  We are thinking something about early warning system.  Actually, I don't have the right answer.  Our -- our -- our work will be perhaps (off microphone) and coordinating activities and solving the problems, as we also national regulator -- national CERT team we can somehow react.  But then the main advantages of monitoring, we see to identify incidents as soon as possible, and more coordinating activities between operators and (off microphone) that, because some examples are showing for us that it could be dangerous on a national level and one operator can solve this problem but one operator cannot solve it on a national level.  And there is a step where we could react.

We are thinking about some critical -- critical lines, critical steps, when operators or those critical nodes should alert a national regulation authority.  Where is the critical line between -- which are incidents -- the more critical incidents should come to us, we're now discussing that directly with operators.



>> MICHAEL NIEBEL: Okay.  Thanks.  Two questions more?  Oh, three, brief, Bob Kahn, Estonia, and Bill.  And that's it.



>> BOB KAHN: Me first?  Okay, Bob Kahn from CNR.  You mentioned the vulnerability of some of the connections, cable cuts, things like that, small countries, satellites don't typically play an important domestic role, but what do you see as the role of satellites, which are harder to cut playing, the national connectivity role for a country like Lithuania?



>> Actually, we are meaning underwater cable, not satellites.  We are not -- our infrastructure is not dependent very much on satellite connections, but underwater cables are taking the biggest amount of interconnection broadband.  So the cut of those cables (off microphone) the rest of the cables that connect to other countries.



>> Okay.  Thanks.  Hillar?



>> I thought there was a question on the table.  (off microphone).  Went to report this incident (off microphone) draw a line before (off microphone), or part of (off microphone) every single critical infrastructure provider, it doesn't matter, private sector, corporate sector, whatever, has to report (off microphone).  He has to have his own monitoring system so he can understand that something is threatening this critical system, and they have to report before the incident has really happened, not after, not next day a fax, yes, we had incident, but before.



>> Thanks.  Bill?



>> Thanks, Michael.  I was interested in your -- the process you went through to identify indicators and the conclusions you've come up with.  It seems to me that's something that would be a good starting place for sharing information within Europe or, more broadly, internationally.  Are you aware of any moves that any organisation is making to -- in that direction?



>> Actually we found a lot of academic research is on that, and from all this assessment that we were presenting, this -- the definition of criteria is that (off microphone) development was the hardest one, and it's still developing.  The next question is academia.  It's an academia that (off microphone) more that we had.



>> And probably one of the conclusions of all our studies was (off microphone) stress the lack of their scientific work here.  Because there is a gap in there.  We already have to implement it in practice, and we feel the lack of the academic researches.  I think that's also important to mention here.



>> Thanks a lot.  Thank you for your inspiration and food for thoughts.  I think many will carry home, and I was thinking about what can be done at the international level.  This closes -- we're right on time now the second part, and I would like now to invite our final three panelists on the panel so we can map it up.

So our first panelist, map it off to see where there's everything done or whether there are gaps and how the general situation is is Avri Doria everybody knows, she's at Luleå university in Sweden, but mostly everywhere else.  Avri, please?



>> AVRI DORIA: Thank you.  It was very interesting listening to all the conversations.  One of the first conversations that occurred to -- thoughts that occurred to me when I was listening to it when people talked about various threats was sort of a certainty that the Internet will go on, it will do fine, the threats will be overcome.  The privacy will be protected and so on.  But one of the position that happens a lot in these conversations, and one of the things that we saw is the technologists have known, for example, for a very long time about most of the threats that are being spoken about.  They have even come up with bits and pieces of the solutions, protocols, and in the best IETF style have said, if these are good solutions people will take them up, people will implement them and such.

But there was never a conversation at those points with the policy people, with people looking at these solutions, do they actually meet the needs of the society, do we have policy implications that we need to worry about when we're looking, for example, at the RPKI at the moment, is there a centralization issue that we should care about?  Those things weren't considered, and one of the gaps we still have is while we come to the IGF and we talk about it a little, we still aren't really engaging in the work early enough when we're looking at the problem, looking at the solutions.  So the Internet will certainly go on.  There are what I think of as the modern wheelwrights that are constantly fixing it, constantly patching it, constantly putting these things together.  

But when you try to get a conversation going, for example between the policy people in DNS and the technology people in DNS, when the policy people start talking to the technologists they're not using the right language.  When the technologists start really getting into the detail with the policy people, very often the eyes glaze over.  There's a few people -- so I think in terms of the gaps, one of the ones I see is that.

Another gap I see is that we really don't have a good way of evolving our systems.  We have what we have, and we keep patching it and making it work, keeping it working, et cetera, but we don't really have a way to move on from the wooden-framed wheel to a tire.  You know, it's sort of, if -- you know, you don't want to reinvent the wheel.  Maybe sometimes people need to think about how one evolves to a new wheel.  We don't have a mechanism to do that.  So that's two places where policy and technologists today, but also the technologists and the policy people and the researchers looking at that.  There's no real place on a global aspect that those things are happening.

The last thing I'd like to mention is another gap is the motivation.  We heard several times, we've got the fixes, but there's no business reason to do it.  And where do we find, now, a method of sort of saying there are things that need to be done for the network from a stewardship perspective, and somehow or other the gap in how we convince people that they need to do things, even if it doesn't help their bottom line, even if it actually hurts their bottom line in the short-term so that they make a few less profit, is that something -- is that another gap we've got to deal with between the network as a business and the network as a social infrastructure that we're all responsible for?  Thanks.



>> Thanks a lot, Avri.  The next speaker is Andrzej Bartosiewicz from YonConsulting in Poland.



>> ANDRZEJ BARTOSIEWICZ: All right.  I would rather like to focus my summary on let's say the technical issues, and the trends we have identified.  As we know, and what we said before, Internet is growing at enormous speeds.  Number of names, number of addresses, Internet user content is increasing.  Of course not only the valuable side, the side generally we see when we log on, CNN, doing Facebook et cetera, that part is growing, but also the dark side of the Internet is growing -- growing probably with the same speeds as the -- as the value (off microphone) sites of the Internet or even faster.

Internet usage by organized crime and cross-border tourist activity is going to be visible and seems it's (off microphone), and more internal presence and Internet penetration create, of course, more business opportunity and more economical opportunities on the Internet and more on-line economy means more opportunities for the organize -- the organized crime to act.  If there is no money, there is -- typically there is no crime, but if the money comes, then there are people that like to take their share of them.

Crime is one side.  The complexity of the Internet can also create more problems with long-term stability.  IP (off microphone), complexity, reaching sometimes the maximum of the capacity of the Internet connections not software -- not sufficient (off microphone) infrastructure as well.  A lot of resources in the Internet are just lost because of problems and errors with software that is used in the firewalls, (off microphone) the registry systems, the communication systems, some distributed database systems, databases, et cetera.  There is always a question, how many copies of one document is stolen in your servers in your company?  Is it hundreds of copies of the same file or thousands of copies?  And of course (off microphone) attacks, they (off microphone) waste of the Internet, our community is responsible for cleaning the Internet from everything like such digital diseases.

And of course more and more complex Internet cannot be monitored or checked against (off microphone) done by humans.  This is what happened in late '90s.  People were actually checking the health of the Internet and the parts of the Internet, servers, et cetera.  Actually we need next generation for automatic tools for automatic monitoring and security checks.  For example, the complex software solutions (off microphone) automatic and analytical to identify security gaps and perform as bottlenecks.  Stand-outs like Paul Vixie was talking about in his speech.  Sometimes are not implemented.  But also we have to keep in mind some patterns and good practices that should be implemented in the core elements, at least in the core elements of the infrastructure.

Often -- quite often instead of buying new servers and asking for new gigabytes links, we can just try to optimize what we have today and optimize our infrastructure.  Maybe there is a lot -- people are talking a lot about ecology and the green life, but maybe we need to green our Internet when we (off microphone) growth, we (off microphone) savings.  Actually we can -- we can do more with the same resources.  It's just about thinking how to organize this, how to invest a little bit in software, in equipment, and not just to buy another server to solve another problem.  Maybe we have enough completed power and -- computer power and enough Internet connection to fulfill our requirements.  And in my opinion the long-term stability of the Internet is based on (off microphone) modernization of the threat detection and of course global cooperation to share -- to share the results of such threats.  

So if there is a problem in Lithuania, then this problem must be -- or should be reported to others, just to, for example, take down some (off microphone) attack.  So this is not a national matter but international cooperation which we're going to talk about and (off microphone) is here.



>> MICHAEL NIEBEL: Thanks.  Next speaker is Izumi Aizu from Tama University.



>> IZUMI AIZU: Thank you, Michael.  Could you show -- yes.  The next slide?  I have made some (inaudible) analysis of who is doing what in the global information security area a few years ago, and this diagram is divided into a poly(inaudible) dimension on the vertical axis, as well as the global on the right side or local regional on the left.  And if you -- click one thing?  And I saw there's some gap in the -- in mapping exercise, that there's no real cooperation, no international cooperation in the policy area.  There are several institutions working on (off microphone) GF is perhaps one thing but it's just an annual event for dialogue, nothing binding will come out, which is not bad.  IT is there but they are not directly working on ways (off microphone) society.  And so on and so forth.

I'm not going through the details of these, but when I showed this to some of my friends, they said, well, but don't create another international body there as a new organisation, rather to have some more coordination among existing actors.  I showed this last November in the CIS information security commission.  I was invited by my friend Maldova, who is a Chair of this commission, with Kazakhstan where the nine member states were discussing about the security policy and technology areas.  They were discussing about how to -- whether there's a need for them to create the national CERTs, and they needed some kind of mapping like this.  Next slide please?

When we were discussing last night -- could you push the button or -- yeah.  There were probably discussions -- well, I added the CIS commission but I also added ISOC and some other (off microphone) and then I also came to notice that there may be another gap.  Could you push another button?  Well, this one is a lot of national activities, which are related to we need to coordinate actually.  So you shouldn't really do the top-down view of things like that.  Another button?  Another.  Sorry.  (chuckle)

Yeah, so there's no real operational standing mechanisms either on, say, when the (off microphone) routing goes wrong, do we have a global mechanism, or do we need such a thing, just to -- I was heavily involved with Y2K and tried to have some global mechanisms amongst operators, ISP, when all the governments were relying on (off microphone) to share electricity, and -- but how can you really assure, even if it's not working.  That's sort of a -- we are sort of chasing each other's tail.

But my intention is not to, again, go to the top-down view but rather I'd like to present you why exactly we need to work on more.  Are there more gaps or could we really fill the gaps in which ways.  And of course it relates to the nature of the threats.  If it's more of the real technical threats or it's the more criminal thing, we need to deal with the bad guys or architectural things, IPv4 to 6.  As somebody said, yeah, the bad guys are really recently the powers, and they have their service-level agreement of a sort.  Do we have, to protect the agreement, have service level agreement or any agreement to respond to it?  And so I think this is a real good opportunity to start to think more seriously about implementing the policy activities as well as perhaps operational activities, and that's my food for thought.  Thank you.



>> Thank you.  And thank you for adding more during your presentation.



>> It's a patchwork.



>> It's a patchwork.  Before I go to the floor to have a final round, just one thing, Avri identified this kind of gap also between the techies and the policy makers, which is -- which would then be the third gap or would it be covered by the first gap that you have identified?



>> Well, actually we need a three-dimensional, not the two-dimensional like TVs.  So sometimes like Avri, are you a technical guy or policy guy?  You have two hats, right?  So perhaps on the one hand we need these sort of new guys, or think of the digital natives.  We are the analog natives, now converting into digital beings, but here the bad guys will be coming (off microphone) as well as the policy guys.  So we really need to see slightly different from the two-dimensional thing.  But back to you.



>> Thanks, is there any comment from the floor regarding this wrap-up?  If not -- Bill, do you want to make a comment?



>> BILL GRAHAM: I do think you're correct about identifying that third gap.  That was certainly something that I heard loud and clear in the first panel, which is the need to get something going at the intersection between the policy and the technical worlds.  If I can be permitted a really short commercial, it's something that we at the Internet Society are trying to address with our newly launched next generation leaders programme, which is aimed specifically at that, but I -- that's kind of a long-term or a medium-term solution to an immediate problem, and evening the opponent is really a valid one.



>> MICHAEL NIEBEL: Thanks a lot.  Well, I think we're wonderfully on time, and I think everybody on the panels, in the audience, and I'm very full of admiration.  The audience has stayed well into the lunch hour and evening that shows that this was a very interesting and inspiring workshop, and I thank you all for that.  And have a good work and amusement in the next days.  Thanks a lot.

(Applause)