Network Computing is part of the Informa Tech Division of Informa PLC
Securing BGP Not As Difficult As You'd Think
The Internet's Border Gateway Protocol (BGP) seems to be the new darling of hackers and nation-states, but BGP expert Wim Remes says BGP abuse is nothing new -- and securing it is actually fairly simple.
"I think the biggest issue is the understanding of trust on the Internet," says Remes, EMEA strategic services manager at Rapid7. Remes says there are basic ways to lock down the security of BGP, but not many service providers or organizations are doing it.
"These security technologies for BGP work very well, they are inexpensive to implement, and there's no incentive for ASN owners to implement them," says Remes, who here today outlined BGP security options in his State of BGP Security session.
But Remes says the big overarching issue today is trust on the Internet, which boiled over after Edward Snowden's leak of controversial NSA surveillance practices.
Meantime, cybercriminals as well as nation-states increasingly have abused the Internet's underlying BGP traffic-routing fabric to hijack or disrupt networks for profit or political reasons. BGP can be abused via router impersonation, distributed denial of service attacks, and traffic hijacking.
OpenDNS's Dan Hubbard here this week will launch a new free tool called BGP Stream that tweets out alerts on suspicious BGP/Autonomous System Number (ASN) updates and changes so network owners, ISPs, and hosting providers can keep abreast of malicious network changes that could hijack or otherwise disrupt their traffic. Hubbard, OpenDNS's CTO, says BGP "the new black" in the attackers' arsenal.
Read the rest of the article at Dark Reading.
Recommended For You
Developing and managing a network budget is hard work for network professionals, who often get hit with new projects that they know nothing about. Is there a better way to manage network spending?
Making the jump from outdated legacy technology to a more modern digital infrastructure will allow businesses to innovate at the speed and scale needed in today’s marketplace.
The business world is speeding up. The longer IT leaders wait to get their needs met, the more at risk their businesses and their jobs will be.