The Amsterdam Internet Exchange (AMS-IX), one of the largest internet exchanges worldwide, organizes a yearly event for its partners called MORE-IP. This years event was visited by a lot of interesting speakers, such as Erik Bais of A2B Internet, and about 250 visitors of almost 130 different companies and organizations.
The location was, just like past years, Pakhuis De Zwijger in Amsterdam. It was keynote speaker Mikko Hypponen of F-Secure who noted that this location fits very well to the activities of the AMS-IX. “The Netherlands has a very long track of transferring packages around the world. The AMS-IX does the same only digital. It is what the Netherlands does best.”
Hypponen explained quite well how the ransomware attack of Wannacry happened and also got disabled. “There was no ‘killswitch’ in the ransomware just as some media reported. A British 22 year old man Marcus Hutchins discovered a tric the Wannacry executed to find out if the ransomware was operated in a reallife of a test environment like at a anti-virus company like F-Secure”, Hypponen explained. The malware therefore visits a long and not existing domain on the internet. In a normal situation this would lead to a error and thus execution of the encryption. Only in testing situation of security companies this won’t lead to an error notification and as a result there won’t be any data encrypted by Wannacry. Hutchins registered the domain that was looked up for by Wannacry what lead to a stop of the harmfull effect of Wannacry. “This guy really deserves a medal”, according to Hypponen.
Internet of Things
Next to ransomware the Internet of Things (IoT) was a much discussed topic. “IoT is huge but in fact it’s nothing new”, says Marco Hogewoning of RIPE NCC. It’s nothing new because ever since internet exists people are connecting things and devices to networks. Or, to quote security expert Mikko Hypponen of F-Secure: “If the device has a AC-plug, it will go online.” But he has an remarkable warning to add to that. “Smart devices are vulnerable.” Often that’s not because the product are poorly crafted, but the software is outdated or the software contains vulnerabilities.
According to Hypponen we have to be careful with connecting all kinds of household devices to the internet. “By doing that we create our own monster”, Hypponen warns. “If you buy a smart washing machine, do you know for sure if it will still get all the software updates in 10 or 20 years?” There is also a story about a smart toaster that, once the network connecting fell down, kept on heating just as long it set on fire.
In addition to that IoT doesn’t generate as much datatraffic as some experts predicted, notes RIPE NCC. “That is because IoT doesn’t run on a internetprotocol itself”, says Hogewoning. Also a part of the IoT- traffic is transported via alternative networks like LoRa WAN.
Many attendees at MOREIP agreed that the network is a way of transport that is growing in importance with IoT. So that’s where the chances are for internet exchanges and connectivity providers. According to Stijn Grove, director of the Dutch Datacenter Association (DDA) connectivity had always been an important advantage of the Netherlands. With the multicloud the connectivity will even get more important, because now also the mutual connectivity matters. It’s all about giving the customer easy access to cloud providers.
The internet is just the transport layer for the data and therefor the cable becomes extremely critical for the continuity. Erik Bais, managing director of network provider A2B Internet, confirmes this. “The goal for A2B Internet is to transfer data safely from a to b. Ofcourse we are a supporter of a safer internet. We want the data of our clients always to be transported and stored safely.” That is why Bais is one of the fathers of the BGP filtering and the anti-DDoS project Naughty Port.