June 7, 2024 at 08:12AM
The FCC announced new reporting requirements to improve internet routing security, focusing on mitigating flaws in the Border Gateway Protocol (BGP). They propose the largest broadband providers submit quarterly reports on progress. The agency highlights the potential threats of BGP manipulation and proposes implementing security measures using RPKI. Public comments are sought on these requirements.
Based on the meeting notes, the Federal Communications Commission (FCC) has announced reporting requirements to improve the security of internet routing, particularly focusing on the Border Gateway Protocol (BGP). The proposal mandates broadband providers to create and execute plans to address security flaws in BGP. It also requires the largest broadband providers to submit quarterly reports on the progress made in mitigating BGP risks.
The FCC highlights that the current design of BGP lacks intrinsic security features, making it vulnerable to falsification and potential traffic redirection by threat actors, leading to significant risks such as personal information exposure, data theft, and service disruption. To address these issues, the agency proposes the use of Resource Public Key Infrastructure (RPKI) security measures in BGP management plans.
Under the proposal, the nine largest broadband providers in the US must submit BGP security risk management plans and quarterly public reports on their progress in implementing RPKI-based security measures. Smaller providers are also required to create these plans and make them available to the FCC upon request.
FCC Chairwoman Jessica Rosenworcel emphasized that the proposed plans would attest to the providers’ efforts to follow existing best practices related to Route Origin Authorizations and Route Origin Validation using RPKI.
The FCC is seeking public comment on the proposed requirements and other measures related to RPKI-based security, highlighting the critical nature of internet routing in public safety and national security.
In summary, the FCC is taking proactive steps to address vulnerabilities in internet routing by proposing specific reporting requirements and security measures focused on BGP, with a special emphasis on the use of RPKI to enhance security.