{"id":45512,"date":"2022-03-01T22:09:00","date_gmt":"2022-03-01T22:09:00","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/fcc-looks-into-bgp-vulnerabilities-in-light-of-russian-hacking-threat\/"},"modified":"2022-03-01T22:09:00","modified_gmt":"2022-03-01T22:09:00","slug":"fcc-looks-into-bgp-vulnerabilities-in-light-of-russian-hacking-threat","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/fcc-looks-into-bgp-vulnerabilities-in-light-of-russian-hacking-threat\/","title":{"rendered":"FCC looks into BGP vulnerabilities, in light of Russian hacking threat"},"content":{"rendered":"
<\/div>\n

The FCC is launching an inquiry into security issues surrounding the Border Gateway Protocol (BGP), a widely used standard used to manage interconnectivity between large portions of the Internet.<\/p>\n

The move, announced Monday, was issued in response to “Russia’s escalating actions inside of Ukraine,” according to the commission’s notice of inquiry.<\/p>\n

BGP is, in essence, a method of ensuring that independently managed networks that make up the global internet are able to communicate with one another. Its initial design, which the FCC said is still in widespread use today, does not contain important security features, meaning that, simply by misconfiguring its own BGP information, a bad actor could potentially redirect Internet traffic wherever it sees fit. This could let that attacker send incorrect information to its targets, read and compromise login credentials, or simply shut down whichever kinds of traffic it wishes.<\/p>\n

The potential consequences of a BGP hack are extreme, the FCC said, noting that the types of network effects such an attack can cause include fallout for critical infrastructure like financial markets, transportation and utility systems.<\/p>\n

There are security frameworks out there for BGP \u2014 the Internet Engineering Task Force and National Institute of Standards and Technology have both created several standards to make BGP more secure, among other projects with that aim in mind \u2014 but the FCC said that many networks have not taken advantage of them and remain vulnerable.<\/p>\n

Hence, the commission’s inquiry has several goals, including the identification of the possible harms that could result from malicious attacks on BGP, methods of monitoring for BGP attacks, and any potential ways to accelerate the deployment of security standards for BGP.<\/p>\n