What’s a BGP hijack?

To better understand why BGP’s lack of security is so problematic, let’s look at a simplified model of how BGP is used to route Internet packets.

The Internet is not run by just one company. It’s made up of thousands of autonomous systems with nodes located all around the world, connected to each other in a massive graph.

In essence, the way BGP works is that each node must determine how to route packets using only what it knows from the nodes it connects with directly.

For example, in the simple network A–B–C–D–E, the node A only knows how to reach E based on information it received from B. The node B knows about the network from A and C. And so forth.

A BGP hijack occurs when a malicious node deceives another node, lying about what the routes are for its neighbors. Without any security protocols, this misinformation can propagate from node to node, until a large number of nodes now know about, and attempt to use these incorrect, nonexistent, or malicious routes.

Click “Hijack the request” to visualize how packets are re-routed: