The White House thinks it's time to repair a weak link in the internet
Date:
Wed, 04 Sep 2024 18:28:00 +0000
Description:
It's time to talk about the Border Gateway Protocol, the White House says.
FULL STORY ======================================================================
The Border Gateway Protocol (BGP) is flawed, and needs to be fixed. Repairing this protocol would minimize data theft , extortion, state-level espionage,
as well as the disruption of security-critical transactions. This is the conclusion of a new roadmap document, published earlier this week by the
White House.
The document is called Roadmap to enhancing internet routing security, and it discusses the problems, and potential solutions, of BGP.
The Border Gateway Protocol (BGP) is the primary routing protocol used to exchange routing information between different autonomous systems (AS) on the internet. In other words, its the glue that holds the entire internet together. Espionage and data theft
It enables routers to determine the most efficient paths for data to travel across the vast expanse of interconnected networks that make up the internet. BGP is crucial for maintaining a stable and scalable internet by allowing networks to share reachability information and make routing decisions based
on a variety of policies.
But the protocol was designed back in 1989, and security was more of an afterthought. As a result, BGP has been abused multiple times throughout the years in some high-profile attacks. For example, in 2008, a Pakistani ISP wanted to block access to YouTube within Pakistan but accidentally announced
a more specific BGP route that led to YouTubes global traffic being
redirected through Pakistan. This caused a worldwide outage of YouTube for several hours.
Two years later, China Telecom advertised incorrect BGP routes that caused a significant amount of global internet traffic, including that of U.S. government and military sites, to be routed through China for about 18 minutes. China claimed it was an incident, while some researchers in the west thought it was a deliberate attempt at cyber-espionage.
In 2018, attackers hijacked BGP routes for Amazons Route 53 DNS service to redirect traffic intended for MyEtherWallet, a popular cryptocurrency wallet service, to a malicious server. The attackers then stole users'
cryptocurrency by tricking them into entering their credentials on the fake site.
The solution is an authentication scheme called Resource Public Key Infrastructure (RPKI) - a security framework designed to enhance the security of the Border Gateway Protocol (BGP) by providing a way to cryptographically verify the ownership of IP address blocks and the authorization of networks
to announce specific routes.
To that end, this document serves as a roadmap to increase the adoption of technologies that address critical vulnerabilities associated with the Border Gateway Protocol (BGP) and drive improvements in Internet inter-domain
routing security and resilience, the White Houses document concludes.
This roadmap is not a technical guide on how to implement routing, but rather points to best-available guidance and practices, details United States Government (USG) actions to promote BGP security, and makes recommendations
to improve routing security throughout the Internet ecosystem.
Via The Register More from TechRadar Pro Did Russia's biggest ISP just try and steal Apple network traffic? Here's a list of the best firewalls around today These are the best endpoint security tools right now
======================================================================
Link to news story:
https://www.techradar.com/pro/vpn/the-white-house-thinks-it-s-time-to-repair-a -weak-link-in-the-internet
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)