We have become so dependent on the internet: our crucial infrastructure depends on it, our money, our communication, our privacy, our valuable data, our entertainment, our democracy,
This is why the second part was implemented on top of this to make it easier to interact with “the internet”: Domain Name Servers.
This is not me saying this, and it was not discovered yesterday. For more info, check this memo by the IETF from 2006: ietf.org/rfc/rfc4272.txt
Intentionally/unintentionally manipulating the routing to reroute the traffic to yourself.
You do need some networking knowledge to understand the process.
If we look at the most impactful security vulnerabilities for BGP, in my opinion, it would be these 2:
This is less worrisome because it gets discovered quickly: people will not be able to reach the service.
dyn.com/blog/pakistan-…
arstechnica.com/uncategorized/…
You can follow an animation of the propagation here:
stat.ripe.net/events/youtube…
All major powers are playing with this. Why not? It is easy and provides you with a huge volume of traffic.
documentcloud.org/documents/3871…
China: Has been doing this as well with their state-owned ISP that started spinning up POPs
scholarcommons.usf.edu/cgi/viewconten…
arstechnica.com/information-te…
Iran: State-sponsored actors trying to remotely gain access to social media and secure messaging applications.
blog.talosintelligence.com/2018/11/persia…
Is there no solution for these issues? Well, as stated, BGP in its essence is mostly based on trust, but a lot of these attacks could have been prevented by setting up BGP correctly.
When this route (intentionally or unintentionally) escaped the Pakistan Telecom network, their ISP, PCCW in Hong Kong, propagated the route to the rest of the world.
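One way an upstream ISP can apply "setting up BGP correctly" to a customer session, shown as an added example that is not from the original thread: accept only prefixes registered for that customer, so a leaked or more-specific route is dropped instead of propagated. The filter table, the prefixes (documentation ranges), the AS numbers and the names `evaluate` and `rejected` are assumptions made for illustration.

```python
import ipaddress

# Constructed filter for one customer BGP session (hypothetical customer AS64500).
# Prefixes are documentation ranges (RFC 5737); ASNs are documentation ASNs (RFC 5398).
SESSION_FILTER = [
    # (registered prefix, longest prefix length accepted, expected origin AS)
    ("203.0.113.0/24", 24, 64500),
]

# Constructed announcements: (prefix, AS path as received, origin AS last).
ANNOUNCEMENTS = [
    ("203.0.113.0/24", [64500]),           # the customer's own registered space
    ("198.51.100.0/25", [64500]),          # more-specific of space it does not hold
    ("203.0.113.128/25", [64500]),         # own space, but longer than the registered length
    ("203.0.113.0/24", [64500, 64499]),    # right prefix, unexpected origin AS
]


def evaluate(prefix, as_path, session_filter=SESSION_FILTER):
    """Return (accepted, reason) for one announcement on the customer session."""
    net = ipaddress.ip_network(prefix)
    origin = as_path[-1]
    for registered, max_len, expected_origin in session_filter:
        reg = ipaddress.ip_network(registered)
        # subnet_of() raises on mixed IPv4/IPv6, so compare versions first.
        if net.version != reg.version or not net.subnet_of(reg):
            continue
        if net.prefixlen > max_len:
            return False, f"{net} is longer than the /{max_len} registered for {reg}"
        if origin != expected_origin:
            return False, f"origin AS{origin} is not AS{expected_origin}"
        return True, f"{net} is covered by {reg}"
    return False, f"{net} is not registered to this customer"


def rejected(announcements=ANNOUNCEMENTS):
    """Prefixes the filter would drop instead of propagating upstream."""
    return [p for p, path in announcements if not evaluate(p, path)[0]]


if __name__ == "__main__":
    for prefix, path in ANNOUNCEMENTS:
        accepted, reason = evaluate(prefix, path)
        print("ACCEPT" if accepted else "REJECT", prefix, path, "-", reason)
```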
Another more recent example is the Nigerian ISP that knocked down Google:
blog.cloudflare.com/how-a-nigerian…
Interesting
But then again I PERSONALLY do not think that the above countries don't know how to do it, but see the benefit of it ;)
While now there are organisations that are trying to focus more and document the internet through BGP, I think we will uncover more of these attacks.
There have been some different BGP improvement proposals, papers and articles, but that is not easy, to say the least.
As any network engineer working in an enterprise knows,
It is not exactly a walk in the park.
I kind of see 2 things for that:
1) Provide help to implement best practices as mentioned above
NIST provides interesting guidelines to some best practices:
csrc.nist.gov/publications/d…
csrc.nist.gov/publications/d…
This can also cause a lot of damage, as was seen in the Dyn attack a couple of years ago, causing Twitter, SoundCloud, Spotify, Shopify, ... to go down.
techcrunch.com/2016/10/21/man…
So I think I was able to convince him that "THE INTERNET" in itself was old and vulnerable in itself.
These views are my own personal opinion :)
Part 1:
Part 2: