Increasing security risks associated with the Border Gateway Protocol used for internet routing — including cyberespionage, data theft, and critical infrastructure disruption — has prompted the Federal Communications Commission to propose new rules that would mandate the development and updating of BGP security risk management plans among major broadband internet services providers across the U.S., reports SecurityWeek.
Such plans, which should include details regarding the implementation of Resource Public Key Infrastructure-based security measures, should also be established and submitted by smaller broadband providers upon request by the FCC.
"These plans would describe and attest to their efforts to follow existing best practices with respect to Route Origin Authorizations and Route Origin Validation using the Resource Public Key Infrastructure," said FCC Chair Jessica Rosenworcel.
The FCC has already opened public comments for the proposed rule and RPKI-based security measures, with the commission emphasizing BGP's lack of security features owing to its decades-old design.
