Opinions expressed by Entrepreneur contributors are their own.
Border Gateway Protocol (BGP) hijacking is one of the many famous attacks hackers deploy to interfere with content delivery networks (CDNs). Hackers may also be capable of interfering with cloud hosting providers. Recently, almost all major cloud service providers like Google, Amazon and GoDaddy have become victims of BGP hijacking.
Before getting into the depth of how BGP hijacking occurs, it is important to delve into BGP. BGP is essentially a routing protocol that can connect several networks. This congregation of networks is known as an Autonomous System (AS). A routing protocol is used to transfer information or data packets across several networks.
Typically, an AS consists of ISPs, large tech enterprises, or in some cases, networks that belong to governments. Every AS receives a unique number responsible for controlling a specific set of IP ranges or spaces known as prefixes. Every AS displays the list of IP addresses they control and possible pathways to neighboring routers or peers during data packet routing.
The information regarding the peers and the IPs in control are stored in routing tables and frequently change when new networks and shorter pathways appear.
The primary consequence of BGP hijacking is that hackers can reroute information traveling through a network to different locations. They can do so using the following steps:
The first step is to send out an announcement of new BGP routes. This announcement will only be believable if it is announced by a legitimate AS. The bad actor will use a compromised AS to do so. The route announcement usually involves releasing a table of all the available prefixes or IP ranges. If all goes well, they will announce new BGP routes to their global network peers.
The IP addresses chosen for display are more specific in comparison to legitimate IP addresses. In most cases, hackers employ unused prefixes, or IP ranges present on real and legitimate AS networks. This can drastically improve the chances of concealing the hackers' identity.
The information pathway is only intercepted if the hackers can prove that the new route is shorter. The more efficient they show their network to be, the more information will be intercepted.
BGP hijacking is one of the more prevalent cyberattacks currently. In fact, in April 2018, attackers infiltrated Amazon Route 53. They then went on to reroute 1,300 addresses hoping to steal cryptocurrency. The hackers were able to avoid suspicion by acting as a cryptocurrency website known as MyEtherWallet.com. They subsequently stole around $150,000 in cryptocurrency from end-users. Therefore, companies, both big and small, require a response plan to incapacitate the attacker.
A typical incident response after a BGP hijacking takes place can be far from easy. This is because of how hackers can conceal themselves. However, in most cases, companies carry out a three-step incident response plan.
These steps include detection, containment and eradication. Of these, the containment step is especially challenging, given that route announcements can take place rapidly.
To prevent this cyberattack, companies will have to either rely on the measures put forward by their ISP or implement their own security measures. The latter has to take place if the company owns the AS network.
Companies that depend on the security measures put forward by their ISPs will have to constantly contact the providers to ensure that the vulnerabilities within the network are eradicated.
In the second case, an organization should consider carrying out the following steps:
Create a peering policy that can help peers to determine the legitimacy of the IP addresses. A company has a choice between an open peering policy and a selective one depending on its needs from its network.
MANRS (Mutually Agreed Norms for Routing Security) is a collection of best practices organizations can utilize to protect their networks from BGP hijacking. Therefore, it is important to incorporate this in the security measures.
Restrict the number of prefixes or IP ranges displayed by an AS network to limit the number of announcements being made.
Implement authentication checkpoints that an operator has to go through before accepting an announcement.
In addition to this, organizations also turn to route filtering, real-time BGP update checks and more to ensure that hackers cannot hijack the network. However, an automated response tool is the most impressive and accurate security measure that an organization can invest in. This tool will work as both a detector and mitigation tool to help prevent hijacking.
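One way to combine the real-time BGP update checks, route filtering and prefix limits mentioned above, shown as an added example that is not from the original article. The policy table, peer names, limit value, finding labels and sample feed are all constructed for illustration (documentation prefixes and documentation AS numbers).

```python
import ipaddress

# Constructed policy: covering prefix -> (expected origin AS, longest length announced).
# Prefixes are documentation ranges; AS numbers come from the documentation range.
POLICY = {
    ipaddress.ip_network("203.0.113.0/24"): (64500, 24),
    ipaddress.ip_network("2001:db8::/32"): (64500, 48),
}
PEER_PREFIX_LIMIT = 3  # constructed cap on distinct prefixes accepted per peer

def check_update(prefix, as_path):
    """Return the findings for one announcement (empty set = clean or not our space)."""
    net = ipaddress.ip_network(prefix)
    findings = set()
    for covering, (origin_as, max_len) in POLICY.items():
        if covering.version != net.version or not net.subnet_of(covering):
            continue
        if not as_path or as_path[-1] != origin_as:  # rightmost AS originated the route
            findings.add("unexpected-origin")
        if net.prefixlen > max_len:  # more specific than anything we announce
            findings.add("more-specific")
    return findings

def scan(updates):
    """updates: iterable of (peer, prefix, as_path). Returns a list of alert tuples."""
    alerts, seen = [], {}
    for peer, prefix, as_path in updates:
        for finding in sorted(check_update(prefix, as_path)):
            alerts.append((peer, prefix, finding))
        seen.setdefault(peer, set()).add(prefix)
        if len(seen[peer]) == PEER_PREFIX_LIMIT + 1:  # alert once when the cap is crossed
            alerts.append((peer, None, "prefix-limit-exceeded"))
    return alerts

# Constructed sample feed, not captured traffic.
SAMPLE = [
    ("peer-a", "203.0.113.0/24", [64501, 64500]),           # matches policy
    ("peer-b", "203.0.113.0/25", [64502, 64510]),           # more specific, other origin
    ("peer-b", "203.0.113.128/25", [64502, 64510, 64500]),  # more specific, origin matches
    ("peer-b", "192.0.2.0/24", [64502]),                    # outside our address space
    ("peer-b", "198.51.100.0/24", [64502]),                 # fourth prefix from peer-b
]

if __name__ == "__main__":
    for alert in scan(SAMPLE):
        print(alert)
```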
Although there has been a rise in cases of BGP hijacking in the past few years, organizations today are more equipped to handle it with the drastic enhancement of security options.