May 14, 2024 - Technology

Commerce Department moves to secure internet traffic

Illustration of ethernet cables arranged to look like the U.S. flag

Illustration: Annelise Capossela/Axios

The Commerce Department has started implementing new internet routing security measures to fend off nation-state hackers and other malicious cyberattacks.

Why it matters: Improving the department's internet security can keep hackers from spoofing government domain names, stealing data flowing over these networks or hijacking traffic going to legitimate government websites.

Zoom in: A handful of Commerce Department offices have signed new Route Origin Authorizations (ROAs) — a cryptographic certification that proves the website is legitimate and validates web traffic flowing through it.

  • The Bureau of Economic Analysis, the Bureau of Industry and Security, the International Trade Administration and the National Telecommunications and Information Administration are each implementing the new routing protocol.
  • The National Oceanic and Atmospheric Administration — along with each of the researchers, scientists and partners on the office's N-Wave network — had already previously moved to these procedures.
  • NTIA worked with the American Registry for Internet Numbers (ARIN) and other groups to determine the tools needed and best practices for transitioning to this routing protocol.

Driving the news: The implementation plan for the Biden administration's national cybersecurity strategy urged agencies to increase adoption of secure internet routing technologies.

The big picture: Implementing these routing protocols requires manpower, money and resources that some government offices and businesses don't have, Commerce officials told Axios.

  • Both the private and public sectors have historically lagged in implementing strong routing security measures, Alan Davidson, administrator for NTIA, told Axios in an exclusive interview.

Inside the room: The Commerce Department hosted a small, internal ceremony Monday where the bureaus signed their ROAs, Davidson told Axios.

  • Federal CISO Chris DeRusha and officials from the White House's National Security Council attended the event.

What they're saying: "A lot of people think of us as the Department of Business, which we are, but we're also the department of data and science and people and communities," Don Graves, deputy secretary of commerce, told Axios.

  • "In order for us to ensure the safety and security of all of those things.... it's absolutely imperative for us to implement this model contract ourselves."

What's next: The Census Bureau and the National Institute of Standards and Technology are currently working on signing their own ROAs, Graves said.

  • Commerce has also developed a model procurement contract that other agencies can work from to develop the same routing security measures.
Go deeper