As one of the building blocks of the Internet, Border Gateway Protocol (BGP) is an essential but extremely outdated component for routing traffic. The protocol, which uses paths, network policies and rules to make core routing decisions, has remained unchanged since 1994. But while it has faced some criticism of late due to challenges in keeping up with the Internet’s evolution toward the cloud and services-based applications, BGP is being exposed to even larger risks.
Incidents of BGP hijacking are becoming more commonplace, as cybercriminals and even governments take advantage of the simplistic protocol to misdirect or intercept traffic. Hijacking is performed by configuring an edge router to announce prefixes not assigned to it. Very simply, if the hijacked announcement is more specific than the original announcement or offers a shorter path, traffic will be redirected.
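The selection rule described above can be checked from the defender's side. The following is an added example, not part of the original article: a simplified monitor that shows which route wins for a destination and flags announcements that conflict with a prefix you own. The prefixes, AS numbers and function names are constructed for illustration, and real BGP applies further tie-breakers such as local preference.

```python
import ipaddress

# Constructed sample data: documentation prefixes and reserved/private ASNs.
EXPECTED = {ipaddress.ip_network("203.0.113.0/24"): 64500}  # prefix -> rightful origin AS
ROUTES = [
    ("203.0.113.0/24", [64510, 64500]),    # legitimate announcement
    ("203.0.113.128/25", [64511, 64666]),  # more specific, unexpected origin
    ("203.0.113.0/24", [64666]),           # same prefix, shorter path, unexpected origin
]

def best_route(dest, routes):
    """Simplified selection: longest matching prefix, then shortest AS path.
    Assumption: local preference, MED and other BGP tie-breakers are ignored."""
    ip = ipaddress.ip_address(dest)
    matches = [(ipaddress.ip_network(p), path) for p, path in routes
               if ip in ipaddress.ip_network(p)]
    if not matches:
        return None
    net, path = max(matches, key=lambda r: (r[0].prefixlen, -len(r[1])))
    return str(net), path

def classify(prefix, as_path, expected=EXPECTED):
    """Compare one announcement against the monitored prefix/origin table."""
    net = ipaddress.ip_network(prefix)
    origin = as_path[-1]  # the origin AS is the last entry in the AS path
    for owned, owner_as in expected.items():
        if net.version != owned.version:
            continue
        if net == owned:
            return "ok" if origin == owner_as else "origin-mismatch"
        if net.subnet_of(owned):
            return "ok-more-specific" if origin == owner_as else "sub-prefix-hijack"
    return "unmonitored"

def alerts(routes):
    """Return every announcement that conflicts with the expected origin."""
    flagged = []
    for prefix, path in routes:
        verdict = classify(prefix, path)
        if verdict in ("origin-mismatch", "sub-prefix-hijack"):
            flagged.append((prefix, path[-1], verdict))
    return flagged

if __name__ == "__main__":
    print(best_route("203.0.113.200", ROUTES))
    print(alerts(ROUTES))
```

Both flagged announcements win selection over the legitimate route for at least part of the address space, which is why monitoring for unexpected origins and unexpected more-specific prefixes is the usual first detection signal.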
One of the most well-known instances of BGP hijacking occurred during a six-day period in 2013, when Italian web host Aruba S.p.A. fraudulently gained ownership of 256 IP addresses. The maneuver was performed by spyware service provider Hacking Team in cooperation with the Italian National Military Police to monitor the computers of a number of suspicious targets. The IP addresses subsequently became unreachable through their rightful owner, Santrex, a hosting provider known to cater to criminals. The company went out of business later that year.
In another instance in 2014, BGP hijacking was used to intercept Bitcoin miners’ connections to a mining pool server. According to Dell SecureWorks, success in rerouting traffic resulted in the collection of $83,000 in cryptocurrency by criminals over a two-month period.
BGP clearly has flaws that need to be addressed to keep pace with today’s Internet traffic. But its cybersecurity weaknesses are perhaps the most critical issues that need to be combatted. Teridion is one of the leading companies tackling the problem, moving to add intelligence and application awareness on top of BGP.
The company, which strives to optimize the individual Internet experience by factoring in variables like the cloud, virtualization and automation, offers its Global Cloud Network to find the best and most efficient means to route traffic. Teridion Cloud Virtual Routers handle the legwork, using proprietary algorithms to avoid congestion while offering high performance and availability. The system layers intelligence, and therefore security and protection, onto BGP, shielding traffic from hijacking and other vulnerabilities.
Edited by Stefania Viscusi