The Internet Interconnection 'ecosystem' - EU Agency Report Identifies the top Risks for Resilient Interconnection of IT Networks

BRUSSELS and HERAKLION, Greece, May 4, 2011 - A new report on the resilience of the Internet interconnection
ecosystem' is launched by the EU's 'cyber security' Agency ENISA (the
European Network and Information Security Agency). The focus of this report
is the complex 'ecosystem' of the interconnected network layers that make up
the Internet. The report identifies a number of concerns, for example by
unveiling a striking lack of information of the size and shape of the
Internet infrastructure. The study also recommends that incidents should be
investigated by an independent body in order to understand the nature of
success and failures.

The Internet has so far been extremely resilient; even major
disasters such as "9/11", has had only a local impact. But will this last?
Now, a systemic failure of the Internet would cause significant problems for
several sectors like energy, transport, finance, healthcare and the economy.
Intentional, unilateral unavailability of Internet presents a real threat to
economic and social welfare and can severely affect the right of citizens to
have access to information and services as the recent EU Joint Communication
COM(2011)200 highlights.

The Internet has no central Network Operation Centre. The open
and decentralised organisation is the very essence of the ecosystem and is
essential for the success and resilience of the Internet. Yet there are a
number of concerns;

- The Internet is vulnerable to technical failures, risks,
cyber attacks and simultaneous disruptions; service could be substantially
disrupted by other failures e.g. in the electricity supply

- There is remarkably little information about the size and
shape of the Internet infrastructure or its daily operation.

- Dependability and economics interact in potentially pernicious ways,
leading to a potential 'tragedy of the commons' for the interconnections
ecosystem.

"The stability of the Internet is critical for the economy of
modern societies, therefore we must identify if the resilience mechanisms in
place today will be effective also in future crises of tomorrow", says Prof.
Udo Helmbrecht, Executive Director of ENISA.

The report examines whether the resilience mechanisms in place
will be effective also in the future, and the Agency proposes a number of
recommendations to ensure this, e.g.:

- Incidents investigations should be conducted by an
independent body in order to understand the nature of success and failures;

- Key research is needed in e.g. inter-domain routing, traffic
engineering, traffic redirection and prioritisation, especially during a
crisis;

- Good practices should be identified and followed, e.g.,
diverse service provision (pluralism), auditing practices and independent
testing of equipment and protocols.

Related:

Critical Information Infrastructure Protection (CIIP) Action Plan
(ec.europa.eu/information_society/policy/nis/strategy/activities/ciip/index_en.htm)

Digital Agenda (
ec.europa.eu/information_society/digital-agenda/index_en.htm)

European Commission Communication COM (2011) 200 Final (
eeas.europa.eu/euromed/docs/com2011_200_en.pdf)

For the full paper:

www.enisa.europa.eu/act/res/other-areas/inter-x

www.enisa.europa.eu

(Due to the length of this URL, it may be necessary to copy and paste
this hyperlink into your Internet browser's URL address field. Remove the
space if one exists.)

For interviews, or further details: Ulf Bergstrom, Spokesman, ENISA,
press at enisa.europa.eu, Mobile: +30-6948-460-143, or Panagiotis Trimintzios,
Expert, ENISA, panagiotis.trimintzios Q enisa.europa.eu