Recommendation: Grasp the risk from BGP Hijacking

It is really important that ever organization grasp the risk from BGP Hijacking. The CIO, CISO, Security Professional, Network Engineers, and all others in the organization must understand that the BGP Hijacking Threat to their organization is Real.  Miscreants have BGP hijacked critical resources away from the owning organization and caused damage. These BGP Hijacks have happened and will happen again. It will be a while before we have a massive deployment of BGPSEC and RPKI throughout all telecom and the world. So taking action now to minimize the risk is critical. 

Where do we start our “BGP Hijack Knowledge Empowerment?” Fortunately, we have peers on the Internet who explain it for us. 

First, look back at the BGP, RTBH, and other training videos from the early 2000s @ NANOG, APRICOT, and RIPE. The concept of moving traffic around the Internet is core to the Internet.

Second, watch NANOG 44 – Stealing the Internet by Anton Kapela, 5Nines Data Alex Pilosov, Pilsoft

Abstract: https://www.nanog.org/meetings/abstract?id=878

Slides: https://www.nanog.org/meetings/nanog44/presentations/Tuesday/Kapela_steal_internet_N44.pdf

Video: https://youtu.be/JmCyJtlMT18

Nick Feamster has a good YouTube explanation on the Kapala Attack on BGP that is worth watching.

This is a talk linking back to Anton’s reaction to the DEFCON 16 talk: Stealing The Internet – A Routed, Wide-area, Man in the Middle Attack

Slides: https://www.defcon.org/images/defcon-16/dc16-presentations/defcon-16-pilosov-kapela.pdf

Video & Slides: Stealing The Internet – A Routed, Wide-area, Man in the Middle 

Third, listen to NANOG 45 – Hijacking and Tools by Joel Jaeggli and Andree Toonk

Abstract: https://www.nanog.org/meetings/abstract?id=1332

Slides: https://www.nanog.org/meetings/nanog45/presentations/Sunday/Jaeggli_hijacking_detection_N45.pdf

https://www.nanog.org/meetings/nanog45/presentations/Sunday/Toonk_bgpmon_N45.pdf

Forth, listen to the NANOG 46 – Hijacking Mitigation: Something is Better Than Nothing:

Abstract: https://www.nanog.org/meetings/abstract?id=1379

Video: https://youtu.be/zBBSOFafkuo

Slides https://www.nanog.org/meetings/nanog46/presentations/Monday/Daly_Prefix_Hijack_N46.pdf

Finally, please watch the NANOG 63 2015 talk from Andree Toonk – Recent BGP routing incidents – malicious or not

Abstract: https://www.nanog.org/meetings/abstract?id=2476

Slides: https://www.nanog.org/sites/default/files/monday_general_bgp_toonk_63.18.pdf

Video: https://www.youtube.com/watch?v=t7ilZxXFYYQ


Back to the main guide BGP Route Hijacks & Routing Mistakes – What can be done Today?

These BGP security materials are provided to help people around the Internet understand how do their part to deploy a more resilient BGP infrastructure.  Seek out more information on www.senki.org.