Engineers look to fix Internet routing weakness
Internet traffic can be maliciously routed in order to spy on communications
IDG News Service - IT engineers are studying what may be an easier way to fix a long-existing weakness in the Internet's routing system that has the potential to cause major service outages and allow hackers to spy on data.
The problem involves the routers used by every organization and company that owns a block of IP addresses. Those routers communicate constantly with other routers, updating their internal information -- often upwards of 400,000 entries -- on the best way to reach other networks using a protocol called Border Gateway Protocol (BGP).
BGP enables routers to find the best path when, say, a network used to retrieve a web page from South Korea is not working properly. Changes in that routing information are distributed quickly to routers around the world in as few as five minutes.
But the routers do not verify that the route "announcements," as they are called, are correct. Mistakes in entering the information -- or worse yet, a malicious attack -- can cause a network to become unavailable.
It can also cause, for example, a company's Internet traffic to be circuitously routed through another network it does not need to go through, opening the possibility the traffic could be intercepted. The attack is known as "route hijacking," and can't be stopped by any security product.
When routing problems erupt, "it's very difficult to tell if this is fat fingering on a router or malicious," said Joe Gersch, chief operating officer for Secure64, a company that makes Domain Name System (DNS) server software. "It could be a trial run for cyberwarfare."
Data shows that as much as one-third of the world can't reach portions of the Internet at a time due to routing problems, Gersch said.
In February, a routing mistake caused the international traffic for Australian operator Telstra to go through its competitor's network, Dodo, which couldn't handle the traffic surge. In a well-known incident, Pakistan Telecom made an error with BGP after Pakistan's government ordered in 2008 that ISPs block YouTube, which ended up knocking Google's service offline.
In March 2011, a researcher noticed that traffic destined for Facebook on AT&T's network strangely went through China for a while. While the requests would normally go directly to Facebook's network provider, the traffic first went through China Telecom and then to SK Broadband in South Korea before routing to Facebook. Although the incident was characterized as a mistake, it would have been possible for unencrypted Facebook traffic to have been spied on.
"The broader problem here is that much of this critical infrastructure simply relies on players behaving correctly," said Dan Massey, an associate computer science professor at Colorado State University. "In a truly global system like the internet, you must assume that organizations will occasionally make unintentional mistakes."
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts