In a weeks-long stretch in 2014, hackers stole thousands of dollars a day in cryptocurrency from owners. In 2017, internet outages cropped up around the United States for hours. Last year, Google Cloud suffered hours of disruptions. Earlier this month, a large swath of European mobile data was rerouted through the state-backed China Telecom. And on Monday, websites and services around the world—including the internet infrastructure firm Cloudflare—experienced hours of outages. These incidents may sound different, but they actually all resulted from problems—some accidental, some malicious—with a fundamental internet routing system called the Border Gateway Protocol.
The web is distributed, but it's also interconnected. It needs to be so that data can move around worldwide without all being controlled by a single entity. So every time you load a website or send an email, BGP is the system responsible for optimizing the route that data takes across these sprawling, intertwined networks. And when it goes wrong, the whole internet feels it.
Originally conceived in 1989 (on two napkins), the version of BGP used today remains largely unchanged since 1994. And though BGP has scaled surprisingly well, there's no denying that the internet is very different than it was 25 years ago. In fact, the way BGP was designed introduces risk of outages, manipulations, and data interception—all of which have come to pass.
The internet's backbone routers—massive industrial nodes usually run by internet service providers, not the Linksys at your house—each control a set of IP addresses and routes. ISPs and other large organizations use BGP to announce these routes to the world and calculate paths. Think of it like planning a cross-country drive: You need to know the different route options in each area, so you can stop at all the right corn mazes and the world's largest rocking chair without adding too much extra driving each day. But if your GPS is outdated, you could end up at a dead end, or on a new road that totally bypasses the salt flats.
On the internet, it's crucial for data to get where it's supposed to go, yet BGP hinges on something a little bit slippery: trust. The protocol wasn't designed to independently verify the route claims of individual networks. If these so-called autonomous systems accidentally announce bad routes—or are hijacked to broadcast inaccurate routes—data flows start to back up or reroute in haphazard ways that can lead to connectivity issues. It's like if hackers set up detour signs, or changed street names, to put you on a path to your in-laws' house instead of a waterpark. And if an attacker crafts one of these diversions carefully, she can even potentially control the flow of data to intercept it.