The Border Gateway Protocol (BGP) is flawed, and needs to be fixed. Repairing this protocol would minimize data theft, extortion, state-level espionage, as well as the disruption of security-critical transactions. This is the conclusion of a new roadmap document, published earlier this week by the White House.
The document is called “Roadmap to enhancing internet routing security”, and it discusses the problems, and potential solutions, of BGP.
The Border Gateway Protocol (BGP) is the primary routing protocol used to exchange routing information between different autonomous systems (AS) on the internet. In other words, it’s the glue that holds the entire internet together.
Espionage and data theft
It enables routers to determine the most efficient paths for data to travel across the vast expanse of interconnected networks that make up the internet. BGP is crucial for maintaining a stable and scalable internet by allowing networks to share reachability information and make routing decisions based on a variety of policies.
But the protocol was designed back in 1989, and security was more of an afterthought. As a result, BGP has been abused multiple times throughout the years in some high-profile attacks. For example, in 2008, a Pakistani ISP wanted to block access to YouTube within Pakistan but accidentally announced a more specific BGP route that led to YouTube’s global traffic being redirected through Pakistan. This caused a worldwide outage of YouTube for several hours.
Two years later, China Telecom advertised incorrect BGP routes that caused a significant amount of global internet traffic, including that of U.S. government and military sites, to be routed through China for about 18 minutes. China claimed it was an incident, while some researchers in the west thought it was a deliberate attempt at cyber-espionage.
In 2018, attackers hijacked BGP routes for Amazon’s Route 53 DNS service to redirect traffic intended for MyEtherWallet, a popular cryptocurrency wallet service, to a malicious server. The attackers then stole users' cryptocurrency by tricking them into entering their credentials on the fake site.
The solution is an authentication scheme called Resource Public Key Infrastructure (RPKI) - a security framework designed to enhance the security of the Border Gateway Protocol (BGP) by providing a way to cryptographically verify the ownership of IP address blocks and the authorization of networks to announce specific routes.
“To that end, this document serves as a roadmap to increase the adoption of technologies that address critical vulnerabilities associated with the Border Gateway Protocol (BGP) and drive improvements in Internet inter-domain routing security and resilience,” the White House’s document concludes.
“This roadmap is not a technical guide on how to implement routing, but rather points to best-available guidance and practices, details United States Government (USG) actions to promote BGP security, and makes recommendations to improve routing security throughout the Internet ecosystem.”
Via The Register
More from TechRadar Pro
- Did Russia's biggest ISP just try and steal Apple network traffic?
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now