The Internet's Border Gateway Protocol (BGP) seems to be the new darling of hackers and nation-states, but BGP expert Wim Remes says BGP abuse is nothing new -- and securing it is actually fairly simple.
"I think the biggest issue is the understanding of trust on the Internet," says Remes, EMEA strategic services manager at Rapid7. Remes says there are basic ways to lock down the security of BGP, but not many service providers or organizations are doing it.
"These security technologies for BGP work very well, they are inexpensive to implement, and there's no incentive for ASN owners to implement them," says Remes, who here today outlined BGP security options in his State of BGP Security session.
But Remes says the big overarching issue today is trust on the Internet, which boiled over after Edward Snowden's leak of controversial NSA surveillance practices.
Meantime, cybercriminals as well as nation-states increasingly have abused the Internet's underlying BGP traffic-routing fabric to hijack or disrupt networks for profit or political reasons. BGP can be abused via router impersonation, distributed denial of service attacks, and traffic hijacking.
OpenDNS's Dan Hubbard here this week will launch a new free tool called BGP Stream that tweets out alerts on suspicious BGP/Autonomous System Number (ASN) updates and changes so network owners, ISPs, and hosting providers can keep abreast of malicious network changes that could hijack or otherwise disrupt their traffic. Hubbard, OpenDNS's CTO, says BGP "the new black" in the attackers' arsenal.
Read the rest of the article at Dark Reading.