BGP works under assumption that everyone involved acts in good faith and that good faith can be, and in specific cases in history was, severely abused.
So Ivan Sabotageovich calls up someone who works at Level3
Says “Hey broski I want you to start announcing bogus BGP routes”
Guy who answers the phone says “What? Why would I do that?”
Guy on the phone says “I’ll give you rubles”
Guy who answers the phone says my brother in Christ I make $175k per year and I will get fired and they’ll fix it in about 25 minutes anyway, sorting out and fixing stuff like this is kind of why people like me are employed here and there are a lot of us watching what happens
Guy on the phone says I can also give you TONS of unrefined crude oil and methane, or precision aircraft parts from the 1990s
Guy who answers says I need to go now, good luck though
No, Ivan will just announce “hey, I have direct link into these ASs” and lot of parties will believe him, consider him shortest route and send him lot of traffic intended for said ASs.
That’s what china did in 2010 when they hijacked about 15% of all world’s traffic.
BGP works under assumption that everyone involved acts in good faith and that good faith can be, and in specific cases in history was, severely abused.
So it is likely it will be part of the problem.
https://en.m.wikipedia.org/wiki/BGP_hijacking
So Ivan Sabotageovich calls up someone who works at Level3
Says “Hey broski I want you to start announcing bogus BGP routes”
Guy who answers the phone says “What? Why would I do that?”
Guy on the phone says “I’ll give you rubles”
Guy who answers the phone says my brother in Christ I make $175k per year and I will get fired and they’ll fix it in about 25 minutes anyway, sorting out and fixing stuff like this is kind of why people like me are employed here and there are a lot of us watching what happens
Guy on the phone says I can also give you TONS of unrefined crude oil and methane, or precision aircraft parts from the 1990s
Guy who answers says I need to go now, good luck though
Guy on the phone says blyat as the line goes dead
No, Ivan will just announce “hey, I have direct link into these ASs” and lot of parties will believe him, consider him shortest route and send him lot of traffic intended for said ASs.
That’s what china did in 2010 when they hijacked about 15% of all world’s traffic.
https://digitalcommons.usf.edu/cgi/viewcontent.cgi?article=1050&context=mca
… for 18 minutes
With their existing infrastructure in the US which Russia doesn’t have
And it was detected (and was trivial to fix once detected it sounds like) even before people were particularly alerted to this as a possibility
18 minutes is a lot in some coordinated multiple-vector attack
You are ignoring the possibility of blackmail though.
Then it gets fixed in 25 minutes.