What the FCC's Recall on Net Neutrality Means for Cybersecurity

The FCC has voted to roll back an Obama-era Net Neutrality Rules.

• By Sydny Shepard
• Dec 15, 2017

The Federal Communications Commission has voted 3-2 to roll back Obama-era rules on Net Neutrality. While this does not effectively “end” net neutrality, it does get it one step closer to being dead.

Already, several state attorneys are preparing a lawsuit to stop the decision and it is expected that others follow suit. Many predict the decision will be tied up in court for years before we see the impact of the vote on the internet as we know it.

It is inevitable, however, that change will happen. So we are looking into how this decision will affect user and data privacy and cybersecurity online.

Tim Erlin, VP, product management and strategy at Tripwire, believes the decision to roll back the rules on net neutrality will ultimately end in less transparency and more opportunity for cybercriminals.

“The removal of net neutrality is likely to decrease transparency on the Internet, and less transparency will increase cybersecurity threats,” Erlin said. “As ISPs implement different behaviors for managing, filtering and altering content, we’re going to develop towards a bunch of different internets, instead of one Internet.”

Many cybersecurity experts have expressed concerns on how users’ privacy will be upended in this new world of “different internets,” as Erlin explains it. If users have to “buy” access to certain websites, they will be giving ISPs information about their internet habits, information that can then be vulnerable if hacked into.

Erlin also predicts that ISPs will request payment for strict online security, giving up on end-to-end encryption entirely for users who decide not to pay.

“Why wouldn’t an ISP charge businesses and individuals more for supporting encrypted traffic? The loss of net neutrality can easily make security a premium service. It may not be the first impact, but losing net neutrality opens up the possibility of ISPs mining previously encrypted traffic for valuable data.”

While no permanent changes appear to be happening soon, cybersecurity experts are preparing to secure an internet where anything goes.