    The Power And Potential Of Border Gateway Protocol (BGP) Hijacking

    By Richard | May 3, 2019 | Updated: May 7, 2019

    If you haven’t noticed, the Internet is a rather big place. This is a good thing because it means that there is plenty of stuff on there for wasting time at work, but it also means that it’s really hard to find exactly what you came looking for. Worse, the path from point A to point B keeps changing as links go up and down and you move from home Wi-Fi to a coffee shop.

    As a result, computers don’t even try to store a map of how to reach any other computer on the Internet. Instead, they use a protocol called the Border Gateway Protocol (BGP) to find routes to anywhere that you want to go. This approach has its pros and cons. For one, it works (which is a major pro). However, it can also be abused. Ironically, not all “abuses” are bad. On the one hand, it’s been used for eavesdropping on people’s traffic, but, on the other, BGP hijacking is also a key component in advanced DDoS protection solutions.

    Classified Ad: Packet Sender Seeking Recipient

    Before getting into the details of how BGP can be abused, let’s start with a brief description of how it works. BGP works a lot like using referrals to find someone with a particular skill set. For example, you may want to meet with a certain person to close a business deal, but you know that you won’t ever get in the door without being introduced by someone that they know and trust. You mention the fact to a friend of yours, who has a friend who knows that person. By going through your friend and their friend, you’re in the door.

    BGP works very similarly. When computer A wants to talk to computer B and doesn’t know it personally, it sends out a request for a known route to computer B. Eventually, computer A’s request will reach an Autonomous System (AS), which keeps lists of routes to certain areas of the Internet. That AS will be able to reply telling computer A where to route its packet in order to make sure it reaches computer B.

    But how does this AS get the routing information? By talking to other ASs on the Internet. Each AS takes responsibility for a section of the Internet to which it knows how to route packets efficiently. Each one advertises the sections that it knows, and other ASs update their own lists based on these advertisements.

    The big issue with BGP is that there is no checking of the validity of these advertisements. A malicious (or confused) AS can advertise false routes to other ASs. When a computer wants to send a packet to a certain computer, it uses the shortest, most precise route available with no error checking. This ability to advertise false addresses is what makes BGP hijacking possible.
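    The selection rule described above, and what an origin check adds to it, as an added example that is not from the original article. It simplifies route selection to "most specific prefix, then shortest AS path"; the expected-origin table, the helper names, and all prefixes and AS numbers are constructed (documentation ranges), not real routing data.

```python
import ipaddress

def route(prefix, *as_path):
    """An announcement: a prefix plus the AS path; the last AS is the origin."""
    return {"prefix": ipaddress.ip_network(prefix), "as_path": list(as_path)}

# Constructed data: documentation prefixes (RFC 5737) and documentation
# AS numbers (RFC 5398). Assumed policy: prefix -> (allowed origins, max length).
EXPECTED = {
    ipaddress.ip_network("192.0.2.0/24"): ({64496}, 24),
    # 64510 stands for a DDoS-scrubbing provider the prefix owner authorised.
    ipaddress.ip_network("198.51.100.0/24"): ({64500, 64510}, 24),
}
TABLE = [
    route("192.0.2.0/24", 64497, 64496),           # legitimate origin
    route("192.0.2.0/24", 64511),                  # false origin, shorter path
    route("192.0.2.128/25", 64498, 64499, 64511),  # false origin, more specific
    route("198.51.100.0/24", 64510),               # authorised scrubbing provider
]

def best_route(table, dst):
    """Select as the article describes: most specific prefix, then shortest
    AS path, with no check that the announcement is true."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in table if addr in r["prefix"]]
    return max(hits, key=lambda r: (r["prefix"].prefixlen, -len(r["as_path"])),
               default=None)

def classify(r, expected=EXPECTED):
    """Label one announcement against the expected-origin table."""
    for net, (origins, max_len) in expected.items():
        if r["prefix"].subnet_of(net):
            if r["as_path"][-1] not in origins:
                return "origin-mismatch"
            return "valid" if r["prefix"].prefixlen <= max_len else "too-specific"
    return "unknown"

def best_validated_route(table, dst):
    """Same selection, but only over announcements classified as valid."""
    return best_route([r for r in table if classify(r) == "valid"], dst)

if __name__ == "__main__":
    for r in TABLE:
        print(r["prefix"], r["as_path"], classify(r))
    for dst in ("192.0.2.10", "192.0.2.200"):
        print(dst, "unvalidated origin:", best_route(TABLE, dst)["as_path"][-1],
              "validated origin:", best_validated_route(TABLE, dst)["as_path"][-1])
```

    Without the check, both sample destinations follow a false announcement (one wins on path length, the other on prefix length); with it, both fall back to the legitimate /24.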

    Go This Way!

    With hackers, if a protocol is breakable in a useful way, they’re probably going to try to misuse it. The lack of security and validation in the BGP protocol is very useful to hackers since it allows them to route the traffic of unsuspecting senders and recipients through computers under their control. Depending on the encryption and data authentication protections used, this may allow them to view and modify the traffic and certainly allows them to block it.

    One example of abusing BGP to reroute traffic occurred when China rerouted a significant chunk of global Internet traffic through their servers between 2010 and 2017. In one such incident, in 2010, Chinese telecom providers used BGP hijacking to route 18% of all Internet traffic through their systems for eighteen minutes. This is believed to have been a test of their capabilities, and it certainly wasn’t the last time that it occurred.

    The research also shows that China isn’t the only one performing these attacks. In December 2017, traffic from tech giants like Apple, Facebook, Google, and Microsoft took the long way around through Russia before continuing on to its intended destination. These attacks demonstrate the power and potential of BGP hijacking. All unencrypted traffic that is hijacked can be viewed and possibly monitored. Even if traffic is encrypted, this rerouting could allow high-level data collection about the fact that communications exist between different parties.

    The Ends Justify the Means

    Not all BGP hijacking “attacks” are bad, though. One benign use for BGP hijacking is to ensure that traffic intended for a certain organization passes through cybersecurity protections before continuing on to its destination.

    This is extremely useful for providers of advanced DDoS protection systems. By advertising specific routes to the sections of the Internet used by their clients, DDoS protection providers can ensure that all traffic intended for their clients first passes through DDoS monitors and scrubbers. This allows them to efficiently detect and remove attack traffic with little or no impact on their clients’ infrastructure, providing world-class protection against DDoS attacks.

    BGP Use and Abuse

    The Border Gateway Protocol (BGP) is designed to allow computers to find efficient routes for sending traffic across the Internet. However, it was designed without any security protections, meaning that malicious actors can advertise fake routes and redirect hijacked traffic through routes under their control.

    This ability to hijack BGP can be used for both good and evil. China and Russia have demonstrated the ability and willingness to reroute traffic through their systems on a large scale (15% of all traffic during a test nine years ago), which is useful for intelligence gathering. However, the flaws in the BGP protocol are also used for good purposes, allowing DDoS protection providers to block attacks with minimal modifications to and impact on their clients’ systems.
