The White House has released a roadmap aimed at strengthening the security of a critical component of the internet, the Border Gateway Protocol (BGP). BGP is a set of technical rules that govern how data is routed across the internet, but it has been identified as a prime target for hackers due to its vulnerabilities. The report, published by the Office of the National Cyber Director (ONCD), provides recommendations for various stakeholders, including network operators, cloud service providers, critical infrastructure owners, and government agencies, to enhance BGP security.
One of the key suggestions is the adoption of infrastructure that supports additional security mechanisms for BGP.
White House urges BGP security enhancements
An ONCD official emphasized the importance of internet security, stating, “The Federal government is leading by example by pushing for a rapid increase in the adoption of BGP security measures by our agencies.
We aim for this roadmap to mitigate a longstanding vulnerability and lead to a more secure internet that is vital to our national security and the economic prosperity of all Americans.”
The Federal Communications Commission (FCC) has also introduced a roadmap to move toward regulating BGP security for internet service providers, in collaboration with the Cybersecurity and Infrastructure Security Agency (CISA). The roadmap specifically advocates for the adoption of Resource Public Key Infrastructure (RPKI) as a mature and ready-to-implement approach to mitigate vulnerabilities in BGP. The White House announcement stated, “These recommendations are of particular importance to the networks used by critical infrastructure owners and operators, state and local governments, and any organization dependent on internet access for high-value purposes.”
The report also calls on network operators to conduct risk-based planning and monitor the status of data.
Additionally, it recommends requiring federal government contractors who are service providers to “adopt and deploy current commercially-viable internet routing security technologies.”
The efforts outlined in the ONCD report are aimed at bolstering the security of the internet and addressing the vulnerabilities that could potentially impact national security and economic prosperity.
