White House announces plans to revamp data routing security by year-end
Border Gateway Protocol hijacking attacks are becoming more sophisticated, according to National Cyber Director Harry Coker.
Over 50% of IP addresses owned and used by federal agencies will have enhanced data routing security measures in place by the end of the year to help prevent hackers from hijacking digital pathways into government networks, a White House cyber official said Thursday.
The augmentations concern the Border Gateway Protocol, a backbone data transmission algorithm that determines the optimal path for data packets to move across networks, said National Cyber Director Harry Coker during a National Security Telecommunications Advisory Committee meeting.
BGP functionality was first engineered in 1989 to help data swiftly move between computers. The protocol, in essence, helps data find the fastest, least resistant transmission path between point A and point B in a network. But it was built on the premise that all routed information could be trusted, a completely changed dynamic in 2024.
Several Commerce Department bureaus signed contracts two weeks ago that establish route origin authorizations, which are digital certificates that check if a BGP routing pathway is coming from a legitimate source, Coker said, adding that the setup will pave the way for other agencies to follow in the coming months.
“The internet may have been built on blind trust, but for at least two decades, we’ve known that security remediation is in order,” he said. The enhancement would use Resource Public Key Infrastructure, an encryption framework that can protect the protocol from attacks like BGP hijacks, where hackers take over groups of IP addresses by sabotaging routing pathways.
Such takeovers could allow malicious attackers to surreptitiously reroute sensitive federal data. Coker cited a 2018 instance in which a BGP hijack was used to redirect internet traffic through China, posing potential data security risks.
Hijacking attacks have become more sophisticated and could allow hackers to burrow into other foundational internet protocols, including web infrastructure, allowing them to pilfer account credentials or plant malware used to siphon cryptocurrency, he added. Recent incidents have resulted in losses of millions of dollars, he said without providing an exact timeframe.
In the days following Russia’s February 2022 invasion of Ukraine, the Federal Communications Commission launched a proceeding into BGP amid concerns that the conflict could widen into cyberattacks on U.S. infrastructure. The agency next month will vote to require major broadband providers to update the commission regularly on their efforts to shore up the protocol’s defenses.