Securing Network Infrastructure

Report on ARIN “COVID-19 and the Caribbean Internet” Webinar Series


Security breaches involving computer networks have been making headlines with increasing frequency. And the pandemic-induced migration to work-from-home arrangements and rushed online services online has only served to increase the risk. Yes, despite high-profile stories about network hacks, distributed denial-of-service (DDoS) attacks and data theft, many businesses remain unprepared or improperly protected from today’s security threats.

ARIN in the Caribbean held a two-part virtual workshop on Securing Caribbean Network infrastructure as part of ARIN’s COVID-19 and the Caribbean Internet webinar series hosted in collaboration with CaribNOG.

“Cyberattacks present a very serious risk to consumers, businesses and governments in the region and around the world. At a time when economies are already reeling from the impact of a global pandemic, organizations that are ill-prepared can suffer significant loss in time, productivity, money, and consumer confidence if they are hacked,” according to Bevil Wooding, Director of Caribbean Affairs at ARIN.

Computer networks have become an essential to business and life. However, the Caribbean’s growing dependence on digital communications when contrasted against its infrastructure, policy and human resource constraints, creates a higher vulnerability to attack.

“Some people mistakenly believe that institutions in small economies such as the Caribbean are less likely to be a target of attacks. In reality, as large enterprises strengthen their network security, hackers are increasingly focusing on so called ‘soft-target’ organizations and businesses in emerging markets. This makes the Caribbean a very attractive location for hackers,” Wooding added.

Presenters for the session included Stephen Lee and Steve Spence, representing the Caribbean network Operators Group, CaribNOG; Alejandro Acosta of the Internet Registry for Latin America and the Caribbean, LACNIC; and Nicolas Antoniello of the Internet Cooperation for Assigned Names and Numbers, ICANN.

The presentations from the speakers provided actionable recommendations for improving Caribbean network resilience, including implementing DNS security, network autonomy, clear security roles and strong user password enforcement. The sessions also highlighted current efforts by regional and international non-profit organizations to address the issue of cybersecurity, noting that ARIN, the Caribbean Network Operators Group (CaribNOG), LACNIC, ICANN, ISOC, Packet Clearing House and others are already collaborating on initiatives to develop greater awareness and technical capacity in network security

Stephen Lee shared that computer network hacking and cyber-attacks are clear and present danger to Caribbean information security.

“The Caribbean is one of the world’s fastest growing regions in terms of Internet usage. And in the past few months, the region has experienced an even greater reliance on digital communications for essential services ranging from day-to-day communications and online classes to online banking and border protection. As more computer users and networks connect to the Internet, they are susceptible to attack and from modern day digital pirates of the Caribbean, otherwise known as computer hackers,” said Lee.

Risks include disruption of services, exposure of confidential information, corruption of data, legal liability and damaged reputation. Organisations with a high profile or profit margin have a much higher risk of attack. For the Caribbean, this makes whole economies particularly vulnerable to cyber-attacks.

International and regional organisations alike are making efforts to help Caribbean governments pay greater attention to cybersecurity issues. The International Telecommunications Union, the Inter-American Committee against Terrorism (CICTE), the Caribbean Telecommunications Union, the Caribbean Network Operators Group (CaribNOG), the Commonwealth Telecommunications Organisation (CTO) and the Internet Corporation for Assigned Names and Numbers (ICANN) all have plans and programmes to create greater regional awareness and build regional defense capacity.

“Unfortunately, for the most part, the regional approach to cybersecurity remains fragmented. Governments and the private sector are simply not moving with sufficient alacrity to address existing national vulnerabilities or to define a coordinated regional defense strategy,” said Wooding.

It is vitally important that organisations and individuals take the necessary steps to secure their critical technology infrastructure and protect user and corporate data,” he added.

The speakers encouraged participants to avoid the trap of thinking about computer security as solely a technical concern.

“Organisations should consider cybersecurity as a business continuity issue. Defending government, corporate and personal networks against attack requires constant vigilance and education. It also requires a coordinated national and regional approach to cybersecurity, Wooding explained, adding, “In today’s world, the security, resilience and robustness of computers networks are critical to the development of the digital economy. These issues are now the concern and the responsibility of governments, private network operators and end users.”

**********

The ARIN Caribbean webinar series, titled “COVID-19 and the Caribbean Internet,” explored the evolving impact of the COVID-19 pandemic in four key areas—infrastructure, security, access policy, and network service delivery best practices. The series comprised of 10 weekly sessions, conducted from 9 April to 12 June 2020. The initiative is spearheaded by ARIN and CaribNOG, in collaboration with  the Latin American and Caribbean Internet Registry (LACNIC), the Internet Society (ISOC), the Organization of Eastern Caribbean States (OECS) Commission, and the Internet Corporation for Assigned Names and Numbers (ICANN).