Get All Access for $5/mo

The Rise of BGP Hijacking and Why You Need a Response Plan Immediately The primary consequence of this kind of attack is that hackers can reroute information to different locations.

By Deepak Gupta

Opinions expressed by Entrepreneur contributors are their own.

Border Gateway Protocol (BGP) Hijacking is one of the many famous attacks hackers deploy to interfere with content delivery networks (CDNs). Hackers may also be capable of interfering with cloud hosting providers. Recently, almost all major cloud service providers like Google, Amazon and GoDaddy have become victims of BGP Hijacking.

How does a BGP function?

Before getting into the depth of how BGP hijacking occurs, it is important to delve into BGP. BGP is essentially a routing protocol that can connect several networks. This congregation of networks is known as an Autonomous System (AS). A routing protocol is used to transfer information or data packets across several networks.

Typically, an AS consists of ISP providers, large tech enterprises, or in some cases, networks that belong to governments. Every AS receives a unique number responsible for controlling a specific set of IP ranges or spaces known as prefixes. Every AS displays the list of IP addresses they control and possible pathways to neighboring routers or Peers during data packet routing.

The information regarding the peers and the IPs in control are stored in routing tables and frequently change when new networks and shorter pathways appear.

Related: For the Average Hacker, Your Small Business Is an Ideal Target

The anatomy of a BGP hijacking

The primary consequence of BGP hijacking is that hackers can reroute information traveling through a network to different locations. They can do so using the following steps:

Route announcement

The first step is to send out an announcement of new BGP routes. This announcement will only be believable if it is announced by a legitimate AS. The bad actor will use a compromised AS to do so. The route announcement usually involves releasing a table of all the available prefixes or IP ranges. If all goes well, they will announce new BGP routes to their global network peers.

IP specificity

The IP addresses chosen for display are more specific in comparison to legitimate IP addresses. In most cases, hackers employ unused prefixes, or IP ranges present on real and legitimate AS networks. This can help to improve the chances of concealing the hackers' identity drastically.

The information pathway is only intercepted if the hackers can prove that the new route is shorter. The more efficient they show their network to be, the more information will be intercepted.

Crafting the right response plan

BGP hijacking is one of the more prevalent cyberattacks currently. In fact, in April 2018, attackers infiltrated Amazon Route 53. They then went on to reroute 1,300 addresses hoping to steal cryptocurrency. The hackers were able to avoid suspicion by acting as a cryptocurrency website known as They subsequently stole around $150,000 in cryptocurrency from end-users. Therefore, companies, both big and small, require a response plan to incapacitate the attacker.

A typical incident response attack after a BGP hijacking takes place can be far from easy. This is because of how hackers can conceal themselves. However, in most cases, companies carry out a three-step incident response plan.

These steps include detection, containment and eradication. Of these, the containment step is especially challenging, given that route announcements can take place rapidly.

Related: Crypto Hacker's Data Vulnerable to FBI Through Palantir Glitch

Preventing BGP hijacking

To prevent this cyberattack, companies will have to either rely on the measures put forward by their ISP or implement their security measures. The latter has to take place if the company owns the AS network.

Companies that depend on the security measures put forward by their ISPs will have to constantly contact the providers to ensure that the vulnerabilities within the network are eradicated.

In the second case, an organization should consider carrying out the following steps:

  • Create a peering policy that can help peers to determine the legitimacy of the IP addresses. A company has a choice between an open peering policy and a selective one depending on its needs from its network.

  • MANRS (Mutually Agreed Norms for Routing Security) is a collection of best practices organizations can utilize to protect their networks from BGP hijacking. Therefore, it is important to incorporate this in the security measures.

  • Restrict the number of prefixes or IP ranges displayed by an AS network to limit the number of announcements being made.

  • Implement authentication checkpoints through which an operator has to go through before accepting an announcement.

In addition to this, organizations also turn to route filtering, real-time BGP update checks and more to ensure that hackers cannot hijack the network. However, an automated response tool is the most impressive and accurate security measure that an organization can invest in. This tool will work as both a detector and mitigation tool to help prevent hijacking.

Although there has been a rise in cases of BGP hijacking in the past few years, organizations today are more equipped to handle it with the drastic enhancement of security options.

Related: 5 Types of Business Data Hackers Can't Wait to Get Their Hands On

Deepak Gupta

Entrepreneur Leadership Network® Contributor

CTO of LoginRadius

Deepak Gupta is a developer, tech entrepreneur and cybersecurity leader. Gupta is the co-founder and CTO of LoginRadius, a cloud-based consumer identity platform.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick


Most Gen Z Workers Want This One Thing From Their Employer. Are You Providing It?

Millions of college graduates are entering the workforce, and many feel unprepared. Here's the one thing they're looking for from potential employers — and how providing it will benefit you and your business in the long run.

Making a Change

Get a Lifetime of Babbel Language Learning for Just $150 Through June 17

Learn up to 14 languages over the course of a lifetime, with bite-size lessons, personalized reviews, and speech recognition tech.

Growing a Business

7 Strategies to Recession Proof Your Business in 2024 and Beyond

Insulate yourself from the turbulence so you can maximize the opportunities and grow.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business News

Is the AI Industry Consolidating? Hugging Face CEO Says More AI Entrepreneurs Are Looking to Be Acquired

Clément Delangue, the CEO of Hugging Face, a $4.5 billion startup, says he gets at least 10 acquisition requests a week and it's "increased quite a lot."

Side Hustle

'The Work Just Fills My Soul': She Turned Her Creative Side Hustle Into a 6-Figure 'Dream' Business

Kayla Valerio, owner of vivid hair salon Haus of Color, transformed her passion into a lucrative venture.