Making the Internet a Safer Place: Oracle Internet Intelligence for Everyone

When an Internet outage occurs in nearly any country globally, @Oracle’s Internet Intelligence team can provide critical insight into connectivity and performance metrics. The Oracle Internet Intelligence team is made of elite data scientists and security researchers that analyzes and monitors global Internet security and performance events. The team, originally founded as Renesys and acquired by Oracle, has monitored the state of the Internet 24/7 for more than a decade. Using their expertise, they analyze the connectivity of every network and every service provider—in every market on earth—in near real-time. The team is dedicated to reporting and covering issues such as country-level connectivity statistics, transit shifts, and security threats that impact the performance of the global Internet.

Insight into connectivity and performance is crucial to governments and enterprises, including Oracle itself, to better understand the threats to critical Internet-facing assets. Internet Intelligence provides this insight to Fortune 50 and public sector customers in the form of derived data products and applications.

To better understand some of the perspective and visibility the team can provide, let’s take a look at a recent event from earlier this month.

Insights from Internet Intelligence

From October 2nd through October 8th, the Internet Intelligence team observed a major outage in Iraq due to local protests (see Figure 1).

Here, the majority of traceroutes into the country were not completing, which indicates an inability to reach internet-facing assets in Iraq. The team sees disruptions in traceroute and Border Gateway Protocol (BGP) data in countries not just in times of geopolitical turmoil, but also during major weather events, routine cable maintenance windows, and even during student exams in some regions.

Intelligence for Enterprises and Public Sector Customers

In the last three years, there have been over 370 documented Internet shutdowns worldwide, according to AccessNow. There have also been a multitude of new regulatory regimes set up in the name of privacy or cyber sovereignty. As governments and businesses move sensitive workloads and data to the cloud and debate critical issues that will shape the Internet of the future – it’s important for decision makers to understand the underlying infrastructure that powers government operations and worldwide commerce.

An example of Internet Intelligence: Optimizing Cloud-Based DDoS Mitigation with Telemetry

Increase of latency during a DDoS attack

Monitoring BGP-based DDoS activation provides visibility into where attacks might be happening, along with the length and effectiveness the route protection, in near real-time. The hijack, which intermittently affected access to a company’s website and services, was identified by Oracle Internet Intelligence systems. In this example, a cloud-based DDoS protection provider hijacked the organization’s IP blocks so that all the attack traffic was redirected to specialized DDoS scrubbing centers. During the IP block hijack, our security team measured a number of interesting statistics about the route instability, latency jump, and other artifacts caused by the traffic reroute.

BGP routing alerts

Both BGP and DNS data have had recent high-level security events which were observed broadly and affected large swaths of the public domain in various parts of the world. Many public sector and enterprise entities are tasked with understanding and taking some role to mitigate these types of attacks, but in many cases, may not have the resources for full visibility into the routing layer of the Internet. If internet traffic typically travels from Point A to Point B through Europe, and is suddenly diverting elsewhere, this is insight many organizations need to know. This is where Internet Intelligence can help, with BGP-based route monitoring and alerting. These alerts notify organizations of changes to their IP assets, such as hijacks or outages, in close to real-time, helping discover and remediate issues like operator mistakes and malicious activity.

Internet Intelligence for the Internet Community

Oracle Internet Intelligence launched the Internet Intelligence Map where a sampling of Internet data is made publicly available. The Internet Intelligence Map presents country-level connectivity statistics based on traceroutes, BGP routes, and DNS query volumes on a single dashboard. As noted, extreme weather, state-imposed outages, and maintenance can all affect Internet connectivity and the map provides a way for anyone to investigate issues like these and explore the current state of the Internet.

To stay up to date on the latest potential Internet disruptions around the world check out the Internet Intelligence Map and follow them on Twitter for more insights on Internet performance and security.

This article first appeared here. @OracleSecurity and @Oracle