Head of MSK-IX Yevgeny Morozov speaks at Spectr Forum
The Spectr Forum is the main platform for exchanging information, experience, and views on the problems associated with the regulation of the communications industry and information and communications technology, where the leaders in the telecom market and the internet community get the opportunity for direct dialogue with representatives of government agencies. Far-reaching proposals and initiatives in the regulation of various segments of the communications industry are worked out at the forum sessions.
This year, Director General of MSK-IX Yevgeny Morozov delivered a report in which he outlined the main problems with network connectivity in Russia, as well as proposals to resolve them.
Since February 2022, Russian corporate and government systems have seen an exponential increase in massive DDoS attacks. This creates a significant risk of losing data and downtime in the service. In this situation, it is especially important to protect the online traffic between a certain group of stakeholders, such as financial transactions, electronic document management and other critical data.
Usually, all traffic goes through public internet channels and therefore, can be attacked from the outside – this is the biggest problem. To address this problem, MSK-IX has developed Safe Peering Group, a service that essentially allocates a traffic exchange point to a specific group of stakeholders. The technology used for this solution cuts off DDoS attacks at the architecture level. All participants connect to a dedicated router via the L2 protocol, bypassing the public internet, making their traffic inaccessible to attacks from the outside. Each private peer-to-peer group has its own administrator who has to approve access for each new member.
MSK-IX is also the administrator of the global DNS cloud used by registrants of top-level domains .RU and .РФ. Yevgeny Morozov drew the audience’s attention to the problem that arises when certain telecom operators use public internet to connect to the DNS network. This creates risks that are outside the MSK-IX area of responsibility. Not all operators make enough effort to arrange good local connectivity. Many of them use another operator to connect to the DNS network, which leaves the entire connection poorly controlled. MSK-IX offers DNS Resolver Network, a solution that includes good local connectivity and response times. To remove any problems arising from connections over the public internet, MSK-IX recommends connecting to the DNS network through MSK-IX traffic exchange points because they all are directly connected to the DNS resolvers. This will help provide guaranteed secure access to DNS resolvers, and at the same time, solve the issue of peering.
After analyzing the vector of DDoS attacks carried out since February 2022, MSK-IX specialists found that the most painful attacks were those aimed at the DNS infrastructure of large registrars, which are often registrants of second-level domain registries. Attacks on their infrastructure can take down up to 30% of Runet. Several incidents were recorded this year. MSK-IX has a Data Escrow service designed to back up domain registries. The company is also accredited by ICANN as a Data Escrow Provider, both for registries and registrars. However, while registries make full use of Data Escrow services, registrars are not using them. The problem is that in case of a serious attack on the registrar, it is not enough to have a backup copy of the registry. In order to fully deploy the backup registry in an attack, the EBERO service is the other necessary component.
“MSK-IX has deployed its EBERO service infrastructure for registries, but we do not have this system for registrars. Because it is a complex and high-load system, deploying it requires serious financial costs. Also, there is no regulatory framework for this solution. MSK-IX has the competence and is ready to implement this system, but the above issues require discussion and attention from both regulators and registrars,” Yevgeny Morozov concluded.