Cloudflare has launched a new tool to help internet user to check whether their internet service provider (ISP) has implemented security protections and filters to make Border Gateway Protocol (BGP) safer to use.
In order to use the tool, users will be required to go to "Is BGP Safe Yet" website, which was launched by Cloudflare on Friday. After a user clicks on the "test your ISP" button on the home page, a quick test will be run to determine if their ISP has started using the Resource Public Key Infrastructure (RPKI) certification system.
The test will be carried out by announcing a legitimate route, which is actually an invalid route. If the ISP accepts that invalid route to load a website, it will suggest that the ISP has not yet implemented RPKI and that it will likely accept a leaked or a hijacked route too.
So far, only a limited number of ISPs and cloud companies have implemented the RPKI security feature. Those companies include NTT, Telia Amazon, AT&T, and Cogent, according to the "BGP Safe Yet" website.
BGP, which is described as the postal service of the Internet, is used to determine the best route among various available paths for internet data. Unfortunately, this protocol is not very secure to use and provides opportunity to threat actors to hijack web traffic for data interception, spying, or other malicious purposes.
A number of major internet disruptions have occurred in recent years because of BGP issues.
In June 2019, a major 'routing leak' at a data centre in Switzerland caused the re-routing of European mobile traffic through China Telecom for more than two hours. A large number of users reported significant slowdowns in data speeds as a result.
Similarly, Facebook, Instagram and WhatsApp were taken down for 14 hours in March 2019 in a global outage caused by a BGP leak from a European ISP.
Earlier this month, a BGP disruption resulted in unexpected diversion of huge amounts of web traffic through a Russian telecom.
"With that last big route leak from a few weeks ago out of Russia it was a point at which our engineering team said enough is enough, it's time for us to start naming and shaming the companies who aren't doing this right," Cloudflare CEO Matthew Prince told Wired.
"Anything that goes wrong anywhere on the internet we get blamed for it, which is right! Our customers pay us to make sure their internet connections are fast and secure and reliable. So BGP is one of these really frustrating areas that we can't solve ourselves."
RPKI is a security framework technique that links a route with an autonomous system. It relies on cryptography method to validate the piece of information before it is passed onto the routers.
"We expect this initiative will make RPKI more accessible to everyone and ultimately will reduce the impact of route leaks," Cloudflare said.
"The last two years have shown that the Internet can become safer and we are looking forward to the day where we can call route leaks and hijacks an incident of the past," it added.
Geoff Hedges, digital transformation manager at Worcestershire County Council explains how his organisation is keeping processes running smoothly whilst adding additional services to help both internal and external customers - all whilst ensuring morale...
Network operators across Europe have 'coped well' with additional traffic load amid coronavirus crisis
No glaring network congestion issues observed so far in Europe, according to the Body of European Regulators for Electronic Communications
National Emergency Library opened up amid concerns students will not be able to access texts during the lockdown