Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Open-source tool aims to curb BGP hijacking amid Chinese espionage concerns

From: InfoSec News <alerts () infosecnews org>
Date: Mon, 31 Dec 2018 07:46:23 +0000 (UTC)
https://www.cyberscoop.com/open-source-tool-aims-to-curb-bgp-hijacking-amid-chinese-espionage-concerns/

By Jeff Stone
Cyberscoop
Dec 30, 2018

BGP security is going global.
International agencies including the U.S. Department of Homeland Security, the National Science Foundation, the European Research Council and others are funding the Automatic and Real-Time dEtection and Mitigation System (ARTEMIS), in an effort to stop hackers from rerouting internet traffic through malicious networks.
Border Gateway Protocol hijacking occurs when attackers redirect web traffic away from its intended destination and instead send those connections somewhere else. Perhaps the best known example of BGP hijacking occurred in November when millions of IP addresses aimed at Google were instead sent to a state-controlled telecom in China, apparently by accident. The issue has become more urgent since nation-state hackers and criminal groups started to utilize this technique for their own gain, Rob Joyce, a senior adviser at the U.S. National Security agency, said in December.
ARTEMIS is seeking to resolve this problem with the release of an open-source software tool that aims to detect and stop BGP attacks within one minute. The group also received funding from a grant from the RIPE Network Coordination Centre, which works as the internet registry for Europe, West Asia and former Soviet states.
"ARTEMIS is a defense approach against BGP prefix hijacking attacks," the group’s GitHub page states. "It is (a) based on accurate and fast detection ... by leveraging the pervasiveness of publicly available BGP monitoring services and it (b) enables flexible and fast mitigation of hijacking events. Compared to existing approaches/tools, ARTEMIS combines characteristics desirable to networks operators such as comprehensiveness, accuracy, speed, privacy and flexibility." 

[...]


--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: