Open in app

Sign in

Write

Sign in

The Internet’s Fragile Backbone: Understanding BGP and Why It Needs Fixing

Krishanu
4 min readSep 25, 2024

--

Imagine the internet as a giant, wobbly Jenga tower made up of countless protocols that somehow keep the whole thing standing. Among the most essential blocks holding it all together is the Border Gateway Protocol (BGP). It’s the reason you can send a meme to your friend across the world, stream Netflix from your favorite couch, or run your online business. But here’s the catch: BGP was designed over 25 years ago, long before cybersecurity was anyone’s top priority. And like an old lock on a modern vault, it’s vulnerable to attack.

So, what’s the deal with BGP, and why does it matter to every one of us browsing the web?

The Internet’s Sketchiest Piece: What Is BGP?

BGP is the protocol that keeps the global internet up and running. Think of the internet as a network of interconnected highways, where BGP is the system that directs traffic. Every time you type a URL, BGP figures out the best route for that data to take, ensuring it gets from one network to another.

But here’s where things get sketchy. BGP relies on trust. When one network announces a change in traffic routes, BGP just nods and says, “Cool, I’ll send traffic that way now.” It doesn’t check if the network has the authority to make that change. As a result, malicious actors can exploit this trust to redirect traffic, sometimes intercepting sensitive information like passwords, emails, and financial transactions. As one tech expert put it, BGP runs on “trust me bro vibes.”

The Real-World Consequences of a Broken Protocol

If BGP fails, the internet can break in some pretty dramatic ways. Take YouTube in 2008 — a simple BGP misconfiguration by Pakistan’s government led to YouTube going down worldwide for hours. More recently, in 2018, Amazon Route 53’s DNS traffic was hijacked, redirecting users to malicious websites. And in 2021, Facebook and Instagram went dark for hours due to a BGP mishap.

These events highlight a harsh truth: the internet is not only the greatest creation of humankind, but it’s also incredibly fragile. Attackers don’t need to break into your device — they can simply reroute traffic at the infrastructure level.

A Modern Fix: Enter RPKI

Luckily, there’s hope. A new cryptographic solution called Resource Public Key Infrastructure (RPKI) is designed to fix BGP’s vulnerabilities. RPKI works by cryptographically verifying the authenticity of route announcements. This means that when a network announces a new route, RPKI checks if that network has the authority to do so, preventing accidental or malicious hijacks.

The EU is leading the charge when it comes to adopting RPKI, and they’re ahead of the U.S. in securing their networks. But for RPKI to be effective worldwide, we need global adoption — and that’s where the conversation needs to head next.

Why BGP Vulnerabilities Matter to Everyone

You might be wondering, “Why should I care about BGP? I just use the internet; I’m not building it.” The reality is that the internet is a shared resource, and its weaknesses can affect everyone. Route hijacking isn’t just a tech problem — it can lead to phishing attacks, loss of sensitive data, and even cause major disruptions in the global economy.

As the internet grows more integrated into every aspect of life, security vulnerabilities like BGP’s flaws become a threat to individuals, businesses, and even entire nations. And with cyberattacks on the rise, understanding these risks is the first step to protecting yourself and the web at large.

Learning the Foundations: Computer Science for the Win

What’s the best way to protect the internet’s fragile infrastructure? By learning more about how it works. Understanding computer science empowers people to improve, safeguard, and fix issues like BGP vulnerabilities. And the good news is that learning about this stuff is easier than ever.

Platforms like Brilliant.org offer hands-on courses in programming, computer science, and even artificial intelligence. As the Code Report puts it, “You’ll start to look at the world like a programmer,” and that’s the mindset we need to keep the internet safe.

Fixing the Internet One Step at a Time

The internet may be the greatest creation in human history, but it’s built on an aging foundation that needs constant attention and improvement. BGP’s vulnerabilities are just one of the many cracks in that foundation. RPKI is a step in the right direction, but broader adoption is needed to secure the web for everyone.

And the truth is, the more we all understand about how the internet works, the better we can protect it. Whether you’re a seasoned developer or just someone who loves watching Netflix, learning about cybersecurity and supporting the push for modern solutions like RPKI can make a real difference.

Key-takeaway: The internet’s foundation is vulnerable, and we all have a role in securing it by learning about protocols like BGP and embracing modern security solutions like RPKI.

Recommendations:

  • Stay informed about internet vulnerabilities like BGP and how they affect everyday browsing.
  • Explore RPKI and support its adoption by encouraging your ISP or organization to implement it.
  • Use strong passwords, enable two-factor authentication, and be mindful of online security.
  • Consider taking a course in computer science or cybersecurity to deepen your understanding of the internet’s inner workings.
  • Educate others about the importance of internet security and advocate for global efforts to protect the web’s infrastructure.
Cybersecurity
Internet Protocol
Bgp
Technology

--

--

Krishanu
Krishanu

Written by Krishanu

6 Followers
4 Following

Tech tinkerer & IT professional. I break down internet mysteries with humor, geeky insights & quirky content. Join me for laughs, learning, & digital adventures

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams