Why ISPs don’t throttle DDoS traffic
- By Mark Rockwell
- Nov 09, 2016
One of the reasons distributed denial-of-service attacks like the one that recently hit internet infrastructure company Dyn are so effective is because internet service providers can’t legally block traffic overloads, experts say.
Robert Mayer, vice president of industry and state affairs at the U.S. Telecom Association, said telecommunications carriers were ready to engage with the Department of Homeland Security about possibly blocking suspect traffic. However, such defensive measures could pose a legal problem because ISPs don't have liability protections and are obligated by law to continue service, he explained during a Nov. 8 panel discussion at the National Cybersecurity Institute.
If the carriers had gotten involved, their lawyers would have had to ensure that they did not violate laws that require them to keep their communications lines open, Mayer added. Mary Ellen Seale, founder and CEO of the National Cybersecurity Society, agreed, saying that taking defensive measures "would have blocked routers that [carriers] are required to keep open."
That is one of the complex details that must be addressed as the private sector and the government share more and more information, according to the panelists.
Their remarks echoed those of Commerce Secretary Penny Pritzker. In a speech in September, she called for a strengthened legal framework to protect companies when they share information about cyber risks.
"Yet even as companies and agencies begin speaking the same language of cyber risk, we are not yet having truly candid, actionable conversations because we lack the legal support structure necessary for doing so," Pritzker said in her speech.
Some liability protections are covered under the Cybersecurity Information Sharing Act, which passed as part of the 2016 omnibus spending bill, but she argued that when companies are under cyberattack, they do not immediately turn to the government for help.
Companies don't wait for the government to respond to attacks, said Vern Mosley, senior cybersecurity engineer at the Federal Communications Commission. The collaboration that was demonstrated during the attack on Dyn is one of the most dynamic protections against cyberattacks that the country has. He added that the response to the Dyn attack gave him great confidence in the ability of the private sector to neutralize threats.
A longer version of this article first appeared on FCW, a sister site to GCN.
Mark Rockwell is a staff writer at FCW.
Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.
Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.
Click here for previous articles by Rockwell.
Contact him at firstname.lastname@example.org or follow him on Twitter at @MRockwell4.