What to do about BGP hijacks

Some carriers view measures to improve routing security as a hinderance rather than as a safeguard to enable business. The BGP protocol itself has no inherent safety mechanisms, so the network operator has to ensure adequate layers of protection are implemented on the boundary between their own network and the Internet.

Normalcy bias may play a role, I see carriers target short term gain by heavily relying on the assumption that there will never be any misconfigurations or malicious attacks. Of course yesterday’s incident shows otherwise.

For many networks the topic of routing security becomes a priority, only after they’ve suffered the consequences of an incident.

In the long term, the best way to protect against this type of BGP hijacking is to require your connectivity suppliers to implement relevant security measures. Also require full incident reports after BGP hijacks through your provider or IXP have been observed.

The moment it becomes socially unacceptable to operate an Internet network without adequate protections in place, there is economic incentive to view routing security efforts as a competitive advantage rather than a nuisance.

Consider voting with your wallet, this applies to both IP transit carriers and IXP route server operators. Ask your suppliers what they are doing to prevent BGP hijacks.

Ars Technica has a great write-up on the latest BGP hijacking incident. This MANRS article is on point as well.