As the core routing system for the Internet, BGP finds the most efficient route for Internet data to be transmitted around the world, deciding which “links” carry Internet data. BGP is most commonly used within and between Internet Service Providers (ISPs). If the domain name system (DNS) is the Internet’s address book, then BGP is its navigation system providing turn-by-turn directions for all Internet connections.
By hijacking these BGP translations, attackers can drive unsuspecting surfers and corporate users to malicious sites, making large parts of the ‘Net largely useless or insecure. They can also intercept corporate e-mail, financial transactions, and other highly sensitive data and personal information. The financial and security implications associated with such acts can be tremendous.
“The possibility of BGP hijackings are nothing new, but what is new is that we've entered an age of sophisticated cybercrime and potentially even cyber 'warfare' where the stakes are higher than ever to protect sensitive data,” said Rodney Joffe, Senior Vice President and Senior Technologist at Neustar, Inc. “It is good to see such services like ActiveTrust BGP protecting blind spots that were created long ago in the Internet’s infrastructure that we're seeing exploited now.”
The recent BGP incident where 15 percent of the world’s Internet traffic routes were advertised by a Chinese state-controlled telecommunications company shows how vulnerable organizations are to BGP exploits. In that case, China Telecom advertised erroneous BGP routes that funneled traffic for websites, email and other transactions of the U.S. Senate, Department of Defense, NASA and Department of Commerce through Chinese networks before it reached its intended destination.
ActiveTrust BGP proactively identifies, alerts for and mitigates malicious or accidental routing issues such as the incident in China, helping secure web, data and messaging transactions. Not a mere monitoring solution, ActiveTrust BGP provides action in three critical ways:
* Detect – Numerous automated systems constantly probe the BGP infrastructure for any malicious or accidental configuration issues affecting an organization and its extended enterprise like business partners, ISPs and more. The IID team instantly alerts an organization when it identifies a suspicious change within its extended enterprise’s BGP routing infrastructure. * Diagnose – IID’s 24/7 expert team layers human intelligence and insight onto an automated system, determining the likely importance and impact of a given BGP change. The team immediately communicates critical issues to designated stakeholders within the customer organization. * Mitigate – Through IID’s relationships with key Internet infrastructure providers, law enforcement authorities, security partners and more, it brings all parties together including extended enterprise partners, ISPs, domain registrars, software vendors, etc. to resolve the issue in a timely fashion.
“Unless the core routing principals for the Internet changes, there will be no magic potion to stop BGP hijacking,” said IID President and CTO Rod Rasmussen. “Until then, the only way to limit damage from such attacks is to detect, diagnose and mitigate them as soon as possible – and ActiveTrust BGP does just that.”
ActiveTrust BGP complements IID’s other Internet infrastructure security product – ActiveTrust DNS. ActiveTrust DNS actively secures another part of Internet infrastructure in DNS, essentially the address book for the Internet.
“IID continually shows innovation and leadership with solutions which are helping protect the Internet’s infrastructure,” said Craig Spiezle, Executive Director of the Online Trust Alliance (OTA). “The introduction of ActiveTrust BGP is a major step in protecting businesses from emerging threats and enhancing consumer trust and confidence, fundamental to the future of commerce.”
Pricing for ActiveTrust BGP is available upon request.
IID (Internet Identity) has been providing technology and services that secure the Internet presence for an organization and its extended enterprise since the company was founded in 1996. It recently started delivering the industry’s first and only solution for detecting, diagnosing and mitigating border gateway protocol (BGP) and domain name system (DNS) security and configuration issues for an organization and its extended enterprise. IID also provides anti-phishing, malicious software (malware) and brand security solutions for many of today’s leading financial services firms, e-commerce, social networking and ISP companies, and more. The company is working hard to deliver solutions that help keep the Internet safe and trusted for businesses. IID is headquartered in Tacoma, Washington. More information can be found at www.internetidentity.com.