Improved cybersecurity will benefit Internet users in the Ukrainian research and education community, thanks to a collaboration between URAN (Ukraine) and CYNET (Cyprus) within the EU-funded EaPConnect project.
URAN, the Ukrainian Research and Academic Network first implemented a system that will prevent users’ data from being sent to the wrong destinations – either by accident or as the result of malicious attacks. The hierarchical Resource Public Key Infrastructure (RPKI) will help prevent Internet traffic from being ‘hijacked’ using the Border Gateway Protocol (BGP) that allows different networks to find communication paths to each other.
URAN then, in early June, entered the global MANRS (Mutually Agreed Norms for Routing Security) initiative that is supported by the Internet Society, and provides crucial fixes to reduce the most common routing threats. URAN supports this initiative, implements its recommendations, and thereby increases the reliability of its network for users.
The URAN Association community is participating in MANRS because routing security is a growing area of concern for network operators around the globe. Whether from accidental misconfiguration or malicious hijack, the results are often more than just inconvenient. Joining MANRS and the Internet2 community’s efforts connects us with a community of security-minded professionals and organisations who are committed to making the global routing infrastructure more robust and secure.”
Productive cooperation
URAN’s work in these areas were guided by experts at CYNET, the NREN of Cyprus, in weekly video calls in which they shared their experience and expertise, recommended the best network security methods, and provided practical help to implement improvements. The cooperation began in March, when the two organisations rapidly decided to focus on increasing the security of the Ukrainian backbone R&E network and of its users. The four people participating in this knowledge exchange – two from each organisation – quickly developed an action plan and began its execution. The partnership has been bringing benefits to CYNET too.
CYNET and URAN have come together to teach, learn and support each other in the critical field of cybersecurity. This is one of the advantages of being part of the GÉANT community; you are never alone. We learn what an operation mode in Ukraine is and with this knowledge we can advance our cybersecurity system. On the other hand, we share our experience with our Ukrainian colleagues in order to help them improve cybersecurity for the research and education community of their country. This can only have positive outcomes and it is a great joy and pleasure every time we have the opportunity to have such collaborations. The exchange of knowledge and experience between CYNET and URAN on cybersecurity, which is one of the most serious issues of our times, will not only help the two countries move forward, but the community as well. Hopefully, this collaboration will be the onset for new ones, especially within the Eastern Partnership.”
URAN and CyNet have planned further cooperation, to implement network ingress filtering to reduce the ease with which some types of DDoS (Distributed Denial of Service) attacks can be undertaken, and to enable DNSSEC (Domain Name System Security) validation and signatures by users. This whole set of measures will improve the security of the URAN backbone network and increase its reliability for users.
Further information
These activities are part of a mentorship programme that EaPConnect launched early in 2020, which have also seen cooperation between ASNET-AM and DFN, the Armenian and German NRENs.