White House Urges Agencies to Address BGP Vulnerabilities in New Internet Routing Security Roadmap

| Updated on September 9, 2024

On Tuesday, the White House outlined plans to address internet routing security issues, particularly vulnerabilities associated with the Border Gateway Protocol (BGP), central to the internet’s global information routing system. 

BGP is a protocol that is used for exchanging routing information between autonomous systems (AS) on the internet. In the past years, various important vulnerabilities have come to light that can divert internet traffic, disrupt critical infrastructure, obtain sensitive information, or conduct espionage.

It wants federal agencies to work on the networks to deal with the concerns raised by U.S. officials about China’s ability to divert internet traffic. 

The office asked the agencies to implement routing security on their networks and seek U.S. government-contracted service providers to deploy commercially attainable internet routing security technologies.

The report said, “Traffic can be inadvertently or purposely diverted, which may expose personal information; enable theft, extortion, and state-level espionage; disrupt security-critical transactions; and disrupt critical infrastructure operations.” 

The Defense and Justice Departments said BGP has unintentionally allowed China “to disrupt, capture, examine, and alter U.S. traffic.”

FCC Chair Jessica Rosenworcel said these continuous hijacks can expose personal information and promote theft, extortion, and state-level espionage.

The White House Office of the National Cyber Director, in a report, highlighted a list of efforts to address the issues related to BGP, mainly through the adoption of Resource Public Key Infrastructure (RPKI). 

However, the United States is struggling in terms of ROV and ROA implementation (the two components of RPKI) due to some large networks.

The proposed roadmap highlights all the baseline actions for network operators, additional actions for network service providers, steps for the government in collaboration with the IT sector, and some policies advised for the federal government.

Jemima Hunter

Tech Journalist