FCC pushes ISPs to fix security flaws in Internet routing
The Federal Communications Commission wants to verify that Internet service providers are strengthening their networks against attacks that take advantage of vulnerabilities in Border Gateway Protocol (BGP).
The FCC today unanimously approved a Notice of Proposed Rulemaking that would require ISPs to prepare confidential reports "detail[ing] their progress and plans for implementing BGP security measures that utilize the Resource Public Key Infrastructure (RPKI), a critical component of BGP security."
"Today, we begin a rulemaking to help make our Internet routing more secure," FCC Chairwoman Jessica Rosenworcel said. "We propose that all providers of broadband Internet access service prepare and update confidential BGP security risk management plans. These plans would describe and attest to their efforts to follow existing best practices with respect to Route Origin Authorizations and Route Origin Validation using the Resource Public Key Infrastructure. In addition, we propose quarterly reporting for the largest providers to ensure we are making progress addressing this well-known vulnerability."