In a bid to enhance internet security and protect communications networks from cyber threats, the Federal Communications Commission (FCC) has proposed new measures targeting internet routing security.
This initiative mandates broadband providers to develop and report their Border Gateway Protocol (BGP) security plans, with the largest providers also required to file quarterly progress reports.
Secure routing
Announced earlier today, FCC's proposal aims to mitigate vulnerabilities in BGP, a foundational protocol for internet routing that lacks inherent security features. BGP is responsible for exchanging routing information between networks, but its outdated design makes it susceptible to malicious actions such as BGP hijacks. These attacks can redirect internet traffic, potentially exposing personal data, enabling cybercrime, and disrupting essential services.
The FCC's proposed rulemaking includes several key requirements:
- Broadband providers must create and update comprehensive BGP security risk management plans annually. These plans will outline their strategies and progress in implementing security measures, particularly those utilizing the Resource Public Key Infrastructure (RPKI), a critical component of BGP security.
- The nine largest broadband providers will file their BGP security plans confidentially with the FCC. Additionally, they must provide quarterly public data on their progress in adopting RPKI-based security measures, allowing the FCC to monitor their implementation and effectiveness. Providers meeting a specified security threshold may be exempt from filing subsequent detailed plans.
- Smaller broadband providers will not be required to submit their plans to the FCC but must make them available upon request.
The FCC's action recognizes the significant efforts by various stakeholders over the past two decades to address BGP vulnerabilities. However, the commission emphasizes that further work is essential to secure internet routing, which is crucial for public safety and national security.
The proposal is part of a broader effort to enhance the resilience of America's communications infrastructure against cyber threats. By enforcing stricter reporting requirements and promoting the adoption of advanced security measures like RPKI, the FCC aims to safeguard internet traffic from malicious actors and ensure the integrity of critical data exchanges.
BGP and RPKI
BGP, established in the early days of the internet, facilitates the exchange of routing information between autonomous systems. However, its lack of intrinsic security features leaves it vulnerable to attacks where bad actors can manipulate routing information to intercept or misdirect traffic.
RPKI is a security framework designed to address these vulnerabilities. It provides a way to verify the authenticity and authorization of routing announcements, significantly reducing the risk of BGP hijacks. Implementing RPKI across broadband networks is seen as a vital step in fortifying internet routing security.
Call for comments
The FCC is seeking public comments on the proposed rulemaking and other related measures to enhance BGP security. This inclusive approach aims to gather insights from a wide range of stakeholders, ensuring that the final regulations are robust and effective.
To protect against BGP vulnerabilities, the FCC's proposal underscores the importance of adopting RPKI-based security measures. Broadband providers, especially the largest ones, should prioritize developing and regularly updating their BGP security plans. Additionally, public and private stakeholders must collaborate to share best practices and enhance the overall security posture of internet routing.
Frontier Communications Clients Impacted by Data Breach Incident
Leave a Reply