NIST Wants to Protect Internet Traffic from Hijacking and Spying

The government’s cybersecurity standards agency is seeking public feedback on a slate of recommendations for better ensuring the security of internet traffic routing.

The planned “cybersecurity practice guide” will detail best practices for protecting internet traffic from various cyberattacks that rely on rerouting web traffic to points where it can be hijacked or surveilled.

The project, designed by the National Institute of Standards and Technology’s National Cybersecurity Center of Excellence, stems from inherent weaknesses in the default system for routing internet traffic between organizations known as the Border Gateway Protocol.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

The BGP routes traffic—such as a request to view a web page or when a person fills in an online form—through intermediary points on the internet to deliver the information or request as efficiently as possible. The system was designed for efficiency rather than security, though.

Among other topics, the NIST publication will address a system to validate the authenticity of each pit stop information takes between sender and receiver to ensure none of them is fraudulent. In NIST speak, that’s “BGP Route Origin Validation (ROV) based upon the Resource Public Key Infrastructure (RPKI).”

The public comment period will run through June 29.