FCC investigates BGP vulnerabilities in light of Russian hacking threat


The FCC is opening an investigation into security issues related to the Border Gateway Protocol (BGP), a widely used standard for managing interconnectivity between large portions of the Internet.

The move, announced on Monday, came in response to “Russia’s escalating actions inside Ukraine,” according to the Commission’s investigative statement.

BGP is essentially a method of ensuring that the independently managed networks that make up the global Internet can communicate with each other. Its original design, which the FCC says is still in widespread use today, lacks key security features, meaning that simply by misconfiguring their own BGP information, an attacker could potentially redirect internet traffic wherever they see fit. This could allow the attacker to send false information to their targets, read and compromise credentials, or simply shut down any type of traffic they want.

The potential consequences of a BGP hack are extreme, the FCC said, noting that such an attack can affect critical infrastructure such as financial markets, transportation and utility systems.

There are security frameworks for BGP: the Internet Engineering Task Force and the National Institute of Standards and Technology have both created several standards to make BGP more secure, among other projects with that goal. But the FCC said many networks have not deployed them and remain vulnerable.

Therefore, the Commission’s investigation has several objectives, including identifying potential damage that could result from malicious attacks on BGP, methods to monitor BGP attacks, and possible ways to accelerate the adoption of security standards for BGP.

“Ensuring continued U.S. leadership requires that we explore opportunities to drive trusted innovation for safer communications and critical infrastructure,” the FCC said.

BGP hijacks can happen accidentally rather than through malicious activity—but in either case, their impact can be far-reaching. In an April 2020 incident, traffic destined for some of the internet’s biggest names, including Google, Facebook and Amazon, was briefly rerouted through Russia’s state-owned ISP Rostelecom.

A second “hijack” in the same month sent traffic from Visa and Mastercard to Rostelecom, among others. The Internet Society-run Mutually Agreed Norms for Routing Security (or MANRS) project said it identified about 775 incidents as possible BGP hijacks in 2021 alone.

“The FCC’s announcement addresses issues inherent in BGP, but it also applies to the network vendor and operator ecosystem. It is soliciting comments on security mitigations, controls, and the level of regulatory oversight being applied across the ecosystem of network operators and providers (and quite a bit more than that),” said Forrester vice president and principal analyst Jeff Pollard.

“This is less about discovering new or interesting things related to BGP and more about providing impetus to make necessary changes that make BGP more secure given its importance. The internet doesn’t work without it,” Pollard said.


Copyright © 2022 IDG Communications, Inc.

