ARIN and Internet2 are collaborating to keep US R&E networks safe from cyber-attacks.
Ninety-five percent of network routes originating from US research and education (R&E) institutions lack a form of hijack protection known as RPKI, or Resource Public Key Infrastructure. Adding this layer of security is something that the IP address owners, typically campuses in the US, will want to address. Internet2 is working to build tools, training, and outreach programs to support this need and we hope this blog highlights the opportunities for us to work together to improve the community’s security posture.
By comparison to US academic institutions, the public Internet’s use of RPKI is eight times greater than our community’s. In other research and education networks around the globe, including GÉANT’s pan-European network, RPKI adoption by member institutions exceeds the United States R&E community by a wide margin.
Without RPKI, 95% of the US R&E community’s routes are at a greater risk of being hijacked or blocked. These routes are of particular interest, due to their large size, to spammers seeking to hijack a subnet to host mail-spamming servers. There’s potential to harm the reputation of a campus’ email infrastructure by allowing even a small subnet to be hijacked.
