The Low Orbit Security Radar is a weekly security newsletter from an offensive practitioner's perspective. One idea, curated news, and links worth your time.
News: There Were BGP Anomalies During The Venezuela Blackout
When watching the situation in Venezuela unfold, the phrase "It was dark, the lights of Caracas were
I feel like I need an ELI5
I kind of understand what’s the use of BGP, but the article was lacking too many details even for me. Cloudflare has a better article; their conclusion is that this was probably an accident and not an attack, because the leaked routes were so low priority that it couldn’t cause traffic to be rerouted.
They didn’t say, but I think perhaps what it could have done is overload the Venezuelan state ISP with traffic they shouldn’t handle, but I don’t know for sure.
https://blog.cloudflare.com/bgp-route-leak-venezuela/
I assume they mean Border Gateway Protocol. It’s used to help define what network traffic goes where. This could mean traffic was being redirected to bad actor(s).
You summed it up perfectly
Bad actors as in the US gov? Suggesting they were using BGP to spy?
I’m not an expert, but if BGP started routing traffic through U.S. services they could MITM traffic (if it wasn’t properly secured), but they could also just DoS, which might have been enough for the purposes at that time.
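As an added example (not code from the thread or from the Cloudflare post linked above), the simplified BGP best-path comparison below shows why a leaked route with a longer AS path loses when the router gives both routes the same preference, why a policy that prefers peer routes would let the leak win instead, and what a network operator can check to flag the leak either way; the ASNs and prefix are constructed documentation values.

```python
# Added example, not code from the thread or from the linked Cloudflare post.
# ASNs 64500-64520 and 203.0.113.0/24 are constructed documentation values.
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    prefix: str        # announced prefix
    as_path: tuple     # AS_PATH as received: [0] is the neighbour, [-1] the origin AS
    learned_from: str  # relationship to the neighbour: "customer", "peer" or "provider"
    local_pref: int    # LOCAL_PREF our policy assigned to the route

def best_path(routes):
    """Simplified BGP decision process: highest LOCAL_PREF wins, then shortest
    AS_PATH, then lowest neighbour ASN as a deterministic tie-break. Real routers
    also compare origin, MED, IGP cost and router-id; those steps are omitted."""
    return min(routes, key=lambda r: (-r.local_pref, len(r.as_path), r.as_path[0]))

def leak_indicators(routes, transit_asns):
    """Routes that look like a leak from our vantage point: learned from a peer or
    customer, yet the AS_PATH beyond that neighbour contains one of our known
    transit providers, i.e. the neighbour is re-advertising routes it received
    from its own provider (a valley-free violation). RPKI origin validation does
    not flag this, because the origin AS at the end of the path is still legitimate."""
    return [r for r in routes
            if r.learned_from in ("customer", "peer")
            and any(asn in transit_asns for asn in r.as_path[1:])]

TRANSIT = {64500}  # constructed: AS64500 is our only transit provider
# Legitimate path via our transit, and the same prefix re-announced to us by a
# peer that learned it from AS64500 (the leak). Equal LOCAL_PREF: path length decides.
VIA_TRANSIT = Route("203.0.113.0/24", (64500, 64510), "provider", 100)
VIA_PEER_LEAK = Route("203.0.113.0/24", (64520, 64500, 64510), "peer", 100)

def demo(prefer_peers=False):
    """Return (winning AS_PATH, AS_PATHs flagged as leaks). With prefer_peers=True
    the leaked route gets the higher LOCAL_PREF many networks give peer routes and
    wins: that local preference, not the leak itself, is what reroutes traffic."""
    leak = VIA_PEER_LEAK
    if prefer_peers:
        leak = Route(leak.prefix, leak.as_path, leak.learned_from, 150)
    rib = [VIA_TRANSIT, leak]
    return best_path(rib).as_path, [r.as_path for r in leak_indicators(rib, TRANSIT)]

if __name__ == "__main__":
    print(demo())                   # legitimate path wins; leak still flagged
    print(demo(prefer_peers=True))  # leaked path wins; leak still flagged
```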