Tacoma, Washington based IID (Internet Identity), a provider of technology and services that help organizations secure Internet presence, today announced the availability of a new border gateway protocol (BGP) security solution for the extended enterprise designed to detect, diagnose and mitigate BGP security threats. Announced at the RSA Conference in San Francisco, “IID ActiveTrust BGP” is designed to help secure everything from Internet transactions and messages to corporate and consumer data for both an organization and its vast web of partners (the extended enterprise).
Border Gateway Protocol (BGP) is the protocol that supports routing decisions made to pass data across the Internet. As the core routing system for the Internet, it finds the most efficient route for Internet data to be transmitted around the world, deciding which “links” carry Internet data. BGP is most commonly used within and between Internet Service Providers (ISPs). If the domain name system (DNS) is the Internet’s address book, then BGP is its navigation system providing turn-by-turn directions for all Internet connections.
By hijacking these BGP translations, attackers can drive unsuspecting surfers and corporate users to malicious sites, making large parts of the ‘Net largely useless or insecure. They can also intercept corporate e-mail, financial transactions, and other highly sensitive data and personal information. The financial and security implications associated with such acts can be tremendous. “The possibility of BGP hijackings are nothing new, but what is new is that we’ve entered an age of sophisticated cybercrime and potentially even cyber ‘warfare’ where the stakes are higher than ever to protect sensitive data,” said Rodney Joffe, Senior Vice President and Senior Technologist at Neustar, Inc. “It is good to see such services like ActiveTrust BGP protecting blind spots that were created long ago in the Internet’s infrastructure that we’re seeing exploited now.”
The recent BGP incident where 15 percent of the world’s Internet traffic routes were advertised by a Chinese state-controlled telecommunications company shows how vulnerable organizations are to BGP exploits. In that case, China Telecom advertised erroneous BGP routes that funneled traffic for websites, email and other transactions of the U.S. Senate, Department of Defense, NASA and Department of Commerce through Chinese networks before it reached its intended destination.
ActiveTrust BGP proactively identifies, alerts for and mitigates malicious or accidental routing issues such as the incident in China, helping secure web, data and messaging transactions. Not a mere monitoring solution, ActiveTrust BGP provides action in three critical ways:
• Detect – Numerous automated systems constantly probe the BGP infrastructure for any malicious or accidental configuration issues affecting an organization and its extended enterprise like business partners, ISPs and more. The IID team instantly alerts an organization when it identifies a suspicious change within its extended enterprise’s BGP routing infrastructure.
• Diagnose – IID’s 24/7 expert team layers human intelligence and insight onto an automated system, determining the likely importance and impact of a given BGP change. The team immediately communicates critical issues to designated stakeholders within the customer organization.
• Mitigate – Through IID’s relationships with key Internet infrastructure providers, law enforcement authorities, security partners and more, it brings all parties together including extended enterprise partners, ISPs, domain registrars, software vendors, etc. to resolve the issue in a timely fashion.
“Unless the core routing principals for the Internet changes, there will be no magic potion to stop BGP hijacking,” said IID President and CTO Rod Rasmussen. “Until then, the only way to limit damage from such attacks is to detect, diagnose and mitigate them as soon as possible – and ActiveTrust BGP does just that.”
