Heimdal
article featured image

Contents:

The Government of the Netherlands announced last week its intention to implement the Resource Public Key Infrastructure (RPKI) standard on all its networks. The measure is meant to upgrade de Internet routing safety, protecting the networks against route hijacks and leaks.

All the Dutch government’s communication devices (ICT), old or new, will comply with this standard by the end of 2024.

How RPKI Works?

The security measure comes after a recommendation of the Standardization Forum, an entity that does research and offers advice to the public sector on the implementation of open standards.

RPKI, or Resource Certification, uses the cryptographic verification of the routes, to guard against the incorrect rerouting of Internet traffic, whether deliberately or not.

The standard uses digital certificates to secure the Border Gateway Protocol (BGP) used for exchanging routing information and ensure that the traffic comes through the legitimate network operator controlling the IP addresses on the destination path.

Source

Worldwide network providers can confirm traffic routes through RPKI certificates. These are centralized and accessible to the public.

This standard ensures that only permitted pathways are used to transmit Internet traffic. As consequence, it eliminates the risks of man-in-the-middle attacks or other kinds of interception attacks.

Dutch Government to Adopt RPKI on All Its Networks for Safety Reasons

Source

Traditionally, network operators are trusted to use the correct IP for Internet routing. But an operator can fake advertise a particular set of IP addresses, receiving traffic that would otherwise take a different path. This can lead to BGP hijacking, ad further to traffic interception and monitoring, and IP spoofing with the purpose of spamming.

RPKI Worldwide

77.9% of government websites and 75.1% of email domains in the Netherlands already support this safety standard. But all over the world, only 41% of verifiable IPv4 prefix-origin pairs comply with RPKI, according to The National Institute of Standards and Technology (NIST) in the U.S.

Furthermore, 58% of networks are vulnerable to routing accidents, and 1% are invalid due to an error in their route origin keys.

In early 2020, RPKI adoption rate was 18% and grew to 27% in January 2021, and 33.5% at the beginning of 2022.

Source

If you liked this article, follow us on LinkedInTwitterFacebook, and YouTube for more cybersecurity news and topics.

Author Profile

Andreea Chebac

Digital Content Creator

Andreea is a digital content creator within Heimdal® with a great belief in the educational power of content.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE