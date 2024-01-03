2023 in Review: Advances in Internet Routing Security and Predictions for 2024

The year 2023 marked significant strides in internet routing security, as reflected in the Resource Public Key Infrastructure (RPKI) statistics and developments in Internet Engineering Task Force (IETF) standards. The RPKI database showed substantial growth, with the total cache size, the number of files, publication servers, certification authorities, route origin authorizations, and unique VRPs all swelling by percentages ranging from 16% to 36%. Remarkably, the coverage of IPv4 and IPv6 addresses by ROAs nearly doubled, demonstrating increased adoption and efficiency in routing security measures.

Government Interest and Trust Model Concerns

Government interest in routing security saw a notable increase. The Federal Communications Commission (FCC) hosted a workshop, and the Dutch government committed to RPKI usage by the end of 2024. However, concerns about the trust model led to initiatives proposing either operator-imposed or externally imposed constraints on Regional Internet Registries (RIRs) to reduce risk.

Improvements in Standards and Protocols

The SIDROPS working group at IETF implemented a new rule requiring interoperability demonstrations pre-RFC publication, aiming to improve the quality of standards. This step signals a move towards more stringent measures to ensure internet routing security. Meanwhile, the Canadian Internet Exchange Point YYCIX became the first to deploy Autonomous System Provider Authorization (ASPA) validation, furthering advancement in the adoption of routing security measures.

Debates Over Transport Protocols

On the other hand, debates continue over the optimal transport protocol for RPKI data. The RSYNC protocol has been valued as a reliable backup for the RRDP, indicating the ongoing quest for the most robust and secure protocol for RPKI data. The memo concludes with an optimistic view of the volunteer-driven improvements and adoption of RPKI, projecting a promising future for internet routing security.

On a separate note, experts predict an increase in supply chain attacks, which are expected to cost the global economy almost $81 billion by 2026, according to Juniper Research. Open source code is particularly vulnerable to these attacks, with a 742% increase in supply chain malware implanted in upstream open source packages between 2019 and 2022. This alarming trend underscores the need for more robust security measures in dealing with supply chain attacks.

Secure AI Development and Rising Demand for CPSOs

The year 2024 is expected to witness more emphasis on secure by design principles in AI development and testing. AI tools are expected to improve in accuracy, relevancy, and threat modeling, leading to a surge in AI use for development and testing. The demand for Chief Product Security Officers (CPSOs) is also projected to increase due to the rise in computer-generated attacks and defenses leveraging AI. This shift suggests a growing recognition of the role of AI in bolstering cybersecurity in the face of evolving threats.