29 September 2022 | 2 min read | Beatričė Raščiūtė
You are exploring: News

Latest in the News: RPKI, BGP and Other Internet Security Best Practices

Why is RPKI ROV important? What can be done about BGP vulnerabilities? Is it possible to enhance the security of internet-connected devices? These are the questions addressed in the latest news.

A laptop with a lock and a key next to it.

At times, internet security best practices do not cross the minds of internet users. That is because they often assume that internet-connected devices are relatively secure and that as long as they do not visit suspicious sites or respond to spam emails, they will be safe. Of course, things are a little more complicated than that. 

It is true that what we do can significantly influence our own virtual security. However, internet security, in most cases, is in the hands of technology developers and device manufacturers.  

The Resource Public Key Infrastructure (RPKI) was introduced in 2008 to support the Border Gateway Protocol (BGP) routing infrastructure. It was clear from the get-go how important this framework would be. Today, network security researchers still keep pushing for wider RPKI adoption. The developers and manufacturers of internet-connected devices also have a long way to go to ensure security for end users. 

Dutch network security researchers highlight the importance of RPKI ROV 

Route Origin Authorization (ROA) enables classifying BGP announcements as valid, invalid or not found. The general rule of thumb is that network operators reject invalid announcements. 

Koen van Hove, a network security researcher at the University of Twente, took part in an experiment related to RPKI ROV (route origin validation). During the experiment, the researchers investigated where traffic goes. They concluded that 75% of the traffic reached the intended location, thus highlighting the importance of RPKI ROV. 

FCC prepares to tackle BPG vulnerabilities 

It is important to research internet security, but it is perhaps even more important to apply the findings and introduce changes. That is why the US Department of Justice and the Department of Defense support Federal Communications Commission’s advances to improve internet routing security. 

According to the FCC, BGP vulnerabilities place personal and commercial data at risk of “theft, espionage and sabotage.” The commission claims that while BGP is essential for effective routing, it essentially has no security features. FCC hopes that new technical security standards and more transparency can help ensure better internet security overall.  

The EU aims to protect the users of internet-connected devices 

The first of its kind, the Cyber Resilience Act, introduced by the European Union, aims to enhance the security of all wired and wireless devices connected to the internet. The Act targets hardware and software manufacturers and developers responsible for the products within the EU market.  

According to the EU Cyber Resilience Act announcement, the Act will protect end users by ensuring they are properly informed. It is argued that while manufacturers may face reputational damage when cyberattacks affect their products, the end users are the ones who pay for the exploited vulnerabilities. Especially when they do not have sufficient information about their products and how they are secured.  

About the author

Beatričė Raščiūtė

Technical Content Writer

Beatričė is a Technical Content Writer at IPXO. Having experience in translations, she decided to test new waters in the tech industry as a writer. While creating content, she dives deep into different internet and networking topics with the goal to present valuable information in the most reader-friendly way.