Artificial Intelligence (AI) has transformed the world of technology, enabling systems to learn, adapt, and make decisions without explicit programming. From autonomous vehicles to medical diagnostics and flight control systems, AI promises unprecedented efficiency and capability. However, when it comes to safety-critical systems—where failure could result in injury, loss of life, or significant damage—the use of AI introduces profound challenges that go far beyond traditional software engineering. Unlike conventional software, which behaves predictably according to its programmed logic, AI is built on learning and training. Its decisions and outputs depend heavily on the data it has been trained on and the patterns it recognizes during runtime. This adaptive, data-driven behavior means that an AI system’s responses may vary with changing inputs or environments, often in ways that are not explicitly defined or foreseen by developers. While this flexibility is a strength in many applica...
Border Gateway Protocol (BGP) is the prevalent protocol for inter domain routing between Autonomous Systems (e.g. Verizon, AT&T and Comcast) across the internet. The configuration of BGP speaking border routers lies under the local control of specific Autonomous System administrators. This makes BGP much insecure and susceptible to attacks as there is no one single administrator. Some of the ways in which BGP can be hijacked due to accidental mis-configuration or deliberate malicious intent are:
- An AS may announce that it owns a specific prefix which it does not.
- An AS may announce a bogus path to a specific destination which does not exist.
- An AS may announce that it can route to a specific destination using a shorter path.
- AS 7007 Incident: On April the 25th in 1997, AS 7007 (MAI Network Services) advertised all of the prefixes existing in internet as originating from it's AS. This resulted in internet connectivity disruption to large fraction of users. This is popularly known as AS 7007 incident which created a routing black hole. The routes leaked were deaggregated to /24 which were more specific than the prefixes already existing in global routing tables. The AS path was rewritten as 7007 and resulted in loss of internet connectivity to large fraction of population.
- China Telecom Attack: On April 8th in 2010, China advertised 50,000 different IP prefixes originating from 170 different countries. The hijack was seemingly accidental as the prefixes were long enough not to disrupt existing routes of the internet.
- Pakistan YouTube Block: On February 24th in 2008, Pakistan advertised YouTube prefixes resulting in blocking YouTube access to large population across the world. It was also accidental following a government order to block YouTube access within the country.
- ConEdison Hijacks: In January of 2006, ConEdison accidentally hijacked a lot of transit networks including level 3 ISPs disrupting connectivity to a lot of customers.
- Google DNS Outage: In May of 2005, a DNS outage resulted in hijacking of prefixes owned by google. This resulted in search engine giant to be unreachable by domain www.google.com.
Comments
Post a Comment