Internet routing

BGP Security Enhancements Supported by Justice, Defense Departments

The Department of Justice’s National Security Division and the Department of Defense have informed the Federal Communications Commission of their support for the enhancement of internet routing security. Both agencies recommended that the FCC employ technical security standards and increased transparency to address vulnerabilities in the Border Gateway Protocol, which dictates how and where data is transmitted on the internet. The FCC said in March that BGP vulnerabilities were endangering personal and commercial data and communications, the DOJ said Wednesday.

The FCC commenced a probe on secure internet routing in March, investigating how foreign adversaries such as Russia could exploit BGP weaknesses to interfere with communications and commerce activities online. The agency subsequently issued a Federal Register notice soliciting public input on more vulnerabilities in the protocol.

Commenters said that routing security involves multiple stakeholders worldwide and that U.S. rulemaking would not be appropriate. Suggestions included potential collaboration among network operators and existing best practices developed by industry groups.

In July, the Cybersecurity and Infrastructure Security Agency delivered comments to the FCC supporting a more secure border gateway protocol. According to Jen Easterly, CISA director and 2022 Wash100 winner, the FCC should prioritize addressing national security risks over service provider concerns about the business impact of regulating the BGP.