How should BGP route hijacking be addressed?

A new report from NIST shows how BGP route hijacking can threaten the internet. Expert Judith Myerson reviews the guidance for improving BGP security.

The National Institute of Standards and Technology published a report in 2017 that describes how route hijacking threatens secure inter-domain routing. The paper examines how the Border Gateway Protocol is subject to route hijacking because it lacks a mechanism for authenticating routing reports. How does BGP route hijacking work, how does it affect enterprises and what does NIST suggest for mitigation strategies?

The Border Gateway Protocol (BGP) enables routers to exchange and update information about the internet traffic routes they use to transmit and receive packets across autonomous systems (ASes), also known as routing domains.

Internet service providers (ISPs) use BGP to share routing information with other ISPs about the ASes they can reach. ISPs and other organizations that do backbone routing depend on BGP to collect and update accurate routing information.

This need to trust other autonomous systems to provide accurate routes is the source of a serious BGP vulnerability. There is no protocol mechanism in place to prevent BGP route hijacking, where false routing information is propagated to core routers spread across internet backbones.

Because BGP can't determine whether it is being used to carry accurate or inaccurate routing information, the ability to spread inaccurate information through BGP route hijacking can lead to unstable traffic routing: Traffic can be routed inefficiently, causing it to take longer than necessary to arrive at its destination.

More troublingly, attackers can use BGP route hijacking to reroute traffic to malicious sites to monitor traffic, carry out man-in-the-middle attacks, or even deny access to specific sites or whole sections of the internet.

This BGP security vulnerability means that the injection of false information through route hijacking is not preventable. Local routing policies within an autonomous system aren't enough to differentiate between malicious and legitimate routes.

The NIST report describes how inter-domain routing can be made more secure against BGP route hijacking by using BGP Route Origin Authorization (ROA) with Resource Public Key Infrastructure (RPKI). These protocols specify a mechanism for delivering validated prefix origin data to routers in order to prevent BGP route hijacks by requiring that reported routes be verifiably authenticated.

This NIST report is the first part of a project to develop Special Publication (SP) 800-189, which is currently being prepared, along with its recommendations for securely using routing technologies and inter-domain routing protocols like BGP.
