A core internet routing protocol is at the center of a proposed FCC investigation amid potential threats to the internet at large from state actors like Russia. Credit: dkosig / Getty Images The FCC is launching an inquiry into security issues surrounding the Border Gateway Protocol (BGP), a widely used standard used to manage interconnectivity between large portions of the Internet. The move, announced Monday, was issued in response to “Russia’s escalating actions inside of Ukraine,” according to the commission’s notice of inquiry. BGP is, in essence, a method of ensuring that independently managed networks that make up the global internet are able to communicate with one another. Its initial design, which the FCC said is still in widespread use today, does not contain important security features, meaning that, simply by misconfiguring its own BGP information, a bad actor could potentially redirect Internet traffic wherever it sees fit. This could let that attacker send incorrect information to its targets, read and compromise login credentials, or simply shut down whichever kinds of traffic it wishes. The potential consequences of a BGP hack are extreme, the FCC said, noting that the types of network effects such an attack can cause include fallout for critical infrastructure like financial markets, transportation and utility systems. There are security frameworks out there for BGP — the Internet Engineering Task Force and National Institute of Standards and Technology have both created several standards to make BGP more secure, among other projects with that aim in mind — but the FCC said that many networks have not taken advantage of them and remain vulnerable. Hence, the commission’s inquiry has several goals, including the identification of the possible harms that could result from malicious attacks on BGP, methods of monitoring for BGP attacks, and any potential ways to accelerate the deployment of security standards for BGP. “Ensuring continued U.S. leadership requires that we explore opportunities to spur trustworthy innovation for more secure communications and critical infrastructure,” the FCC said. BGP hijacks can occur by mistake, rather than through malicious activity — but either way, their effect can be far-reaching. One incident, in April 2020, saw traffic meant for some of the biggest names on the internet, including Google, Facebook and Amazon, briefly redirected through Russia’s state-owned ISP, Rostelecom. A second “hijack” that same month sent traffic to Rostelecom from Visa and Mastercard, among others. The Mutually Agreed Norms for Routing Security (or MANRS) project, run by the Internet Society, said that it identified about 775 incidents as possible BGP hijacks in 2021 alone. “The FCCs announcement is about issues inherent to BGP but it also applies to the ecosystem of network providers and operators. It asks for comments on security mitigations, controls, and the degree of regulatory oversight necessary across the ecosystem of network operators and providers (and quite a bit more than that),” said Forrester Vice Presidnet and Principal Analyst Jeff Pollard. “This is less about discovering what’s new or interesting with respect to BGP and more about building momentum to make necessary changes that make BGP more secure given its importance. The internet doesn’t work without it,” Pollard said. Related content news Network jobs watch: Hiring, skills and certification trends What IT leaders need to know about expanding responsibilities, new titles and hot skills for network professionals and I&O teams. By Denise Dubie May 06, 2024 6 mins Careers Data Center Networking feature IBM’s bets on AI and hybrid cloud pay off Three key differentiators of IBM’s AI and cloud offerings are cross-platform automation, integration with multiple clouds, and tie-ins to IBM professional services. By Jeff Vance May 06, 2024 9 mins Hybrid Cloud Network Management Software Cloud Computing analysis What is a virtual machine, and why are they so useful? Many of today’s IT innovations have their roots in virtual machines (VM) and their ability to separate software from hardware. By Keith Shaw May 03, 2024 9 mins Virtualization Data Center Networking analysis What is DNS and how does it work? The Domain Name System resolves the names of internet sites with their underlying IP addresses, adding efficiency and security in the process. By Josh Fruhlinger and Keith Shaw May 03, 2024 11 mins Internet Networking PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe