Border Gateway Protocol: A Gaping Security Hole in the Internet


Two researchers, Alex Pilosov and Anton Kapela, have concocted a technique to exploit the Border Gateway Protocol (BGP) – internet’s core routing protocol. They demonstrated their technique at the DefCon hacker conference in Las Vegas. The threat emanates from the innate credulity of the routing protocol : the BGP apparently is designed to trust all nodes and can be exploited to redirect insane volumes of internet traffic to malevolent networks.

It can be used for spying at a truly unprecedented scale. No, we are not talking about stalking someone on Facebook but nation-state espionage. Millions of users can be exposed within moments of such an attack. A few solutions have already been propounded, but ISPs seem to be watching quietly from the sidelines.

Image Credit: Tech Target

Around the web