FCC looks into BGP vulnerabilities, in light of Russian hacking threat

A core internet routing protocol is at the center of a proposed FCC investigation amid potential threats to the internet at large from state actors like Russia.

cso security global breach networking hack invasion infiltrate 5g connected gettyimages 1211443622
dkosig / Getty Images

The FCC is launching an inquiry into security issues surrounding the Border Gateway Protocol (BGP), a widely used standard used to manage interconnectivity between large portions of the Internet.

The move, announced Monday, was issued in response to "Russia's escalating actions inside of Ukraine," according to the commission's notice of inquiry.

BGP is, in essence, a method of ensuring that independently managed networks that make up the global internet are able to communicate with one another. Its initial design, which the FCC said is still in widespread use today, does not contain important security features, meaning that, simply by misconfiguring its own BGP information, a bad actor could potentially redirect Internet traffic wherever it sees fit. This could let that attacker send incorrect information to its targets, read and compromise login credentials, or simply shut down whichever kinds of traffic it wishes.

The potential consequences of a BGP hack are extreme, the FCC said, noting that the types of network effects such an attack can cause include fallout for critical infrastructure like financial markets, transportation and utility systems.

There are security frameworks out there for BGP — the Internet Engineering Task Force and National Institute of Standards and Technology have both created several standards to make BGP more secure, among other projects with that aim in mind — but the FCC said that many networks have not taken advantage of them and remain vulnerable.

To continue reading this article register now