Recently, reports emerged that a large Asian telecommunications company had been covertly hijacking global internet traffic for nearly 30 months.
By announcing false routing information through BGP, the protocol that tells networks how to reach one another, the company was able to redirect traffic from around the world through locations it controlled, where it could be intercepted and tampered with, all without the owners' knowledge. As a result, it is possible that bad actors gained access to many international business networks and were in a position to steal, modify or corrupt data, or insert malicious implants into network traffic.
While this news should alarm business executives around the globe, attacks of this sort have become all too common. It is precisely that regularity that drives home the need for end-to-end encryption: a single weak point on the path can put enormous amounts of data at risk.
Securing data at each endpoint is not enough. We must now secure data end-to-end, as well.
All Encryption Is Not Created Equal
To many, the answer to keeping traffic safe during a hijack is point-to-point encryption. Standard transport encryption such as TLS does protect each hop against tampering, but it authenticates the far end with a certificate, and a client will accept a certificate from any of the hundreds of certificate authorities it trusts. Against a sophisticated attacker, one who has compromised a CA or obtained a mis-issued certificate for the target domain, a hijacked connection can be terminated by the attacker, read, and re-encrypted onward without the client noticing anything wrong. CA compromises and mis-issuances have occurred with alarming regularity.
The Keys Are Key
The only way to secure in-transit data against hijacking attacks is true end-to-end encryption: the data itself is encrypted before it leaves the sender and can be decrypted only by the intended recipient, independent of whatever transport encryption the network happens to provide. But what does that mean in practice?
Encrypting data at rest and separately encrypting it in motion is not real end-to-end encryption. In that model the data is decrypted at every hop and in every cloud service that handles it, so if a malicious actor is re-routing and intercepting traffic, or has a foothold in one of those services, the data is exposed in the clear.
Bring-your-own-key (BYOK) solutions are likewise inadequate protection. BYOK services hold a copy of your key inside the third-party cloud provider's environment, yet claim that the data is still secure. This is like handing a stranger a set of house keys and claiming that it is now impossible to break in: once you give your keys to someone else, they are simple to duplicate and retain.
The only person you should trust with your keys is yourself, and they should be kept in a secure environment, such as on-premises hardware under your own security controls. What's more, BYOK typically protects data only where it is stored; it does nothing for traffic during network transmission.
P.S. Fixing BGP Is Not the Ultimate Answer
BGP was designed in an era of an open, collaborative internet; its security weaknesses are well documented, and there is no near-term replacement in sight. Partial mitigations exist (route origin validation against RPKI, for example) but are far from universally deployed, and simply correcting the issues with BGP, while desirable, is not in itself a long-term solution to securing your data, because vulnerabilities of this sort appear with alarming regularity. The only reasonable long-term solution is to require all of your applications to use full end-to-end encryption with user-controlled keys.
So How Do You Solve for This Security Threat?
In true end-to-end encryption, data is sealed by the sender, decrypted only once it reaches the intended recipient, and the encryption keys are inaccessible to anyone but their owner. The network may be hijacked and the traffic captured, but what the attacker holds is ciphertext that cannot be read, and with authenticated encryption any modification made in transit is detected the moment the recipient tries to decrypt it.
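The following Go program is an added example, not code from the original article or from any product it discusses. It shows the model described in "The Keys Are Key" and in the paragraph above: the sender seals a message for the recipient's public key (X25519 key agreement, an HKDF-SHA256-derived AES-256-GCM key), an on-path hijacker who captures the envelope can neither read it with a key of its own nor alter it undetected, and only the holder of the recipient's private key recovers the plaintext. The names Alice and Bob, the "e2ee-example-v1" label, the message and the cleartext header are all constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Envelope is all that crosses the network or rests on a relay; none of it is
// readable without the recipient's long-term private key.
type Envelope struct {
	EphemeralPub []byte // sender's one-time X25519 public key
	Nonce        []byte // 12-byte AES-GCM nonce
	Ciphertext   []byte // AES-256-GCM output, 16-byte tag appended
}

// aeadFor does X25519(priv, pub), derives an AES-256 key with HKDF-SHA256
// (RFC 5869; "e2ee-example-v1" is a hypothetical label) and returns AES-GCM.
func aeadFor(priv *ecdh.PrivateKey, pub *ecdh.PublicKey, salt []byte) (cipher.AEAD, error) {
	shared, err := priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	extract := hmac.New(sha256.New, salt)
	extract.Write(shared)
	expand := hmac.New(sha256.New, extract.Sum(nil))
	expand.Write([]byte("e2ee-example-v1\x01")) // info || counter 0x01
	block, err := aes.NewCipher(expand.Sum(nil))  // 32 bytes -> AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal runs on the sender. The ephemeral private key is dropped at return, so
// afterwards only the recipient's private key can rebuild the shared secret.
func Seal(recipientPub *ecdh.PublicKey, plaintext, aad []byte) (*Envelope, error) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	ephPub := eph.PublicKey().Bytes()
	gcm, err := aeadFor(eph, recipientPub, ephPub)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return &Envelope{ephPub, nonce, gcm.Seal(nil, nonce, plaintext, aad)}, nil
}

// Open runs only on the recipient, with the recipient's private key; any
// change to the envelope or to aad makes the GCM tag check fail.
func Open(recipientPriv *ecdh.PrivateKey, env *Envelope, aad []byte) ([]byte, error) {
	ephPub, err := ecdh.X25519().NewPublicKey(env.EphemeralPub)
	if err != nil {
		return nil, err
	}
	gcm, err := aeadFor(recipientPriv, ephPub, env.EphemeralPub)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, aad)
}

// Demo plays out the article's scenario on a constructed message: Alice seals
// for Bob, a hijacker on the rerouted path captures the envelope, tries to
// read it and then tampers with it, and Bob opens the untouched copy.
func Demo() (recovered string, hijackerCanRead, tamperDetected bool, err error) {
	bob, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return "", false, false, err
	}
	aad := []byte("from=alice;to=bob") // constructed cleartext header, bound to the ciphertext
	env, err := Seal(bob.PublicKey(), []byte("wire 1,000,000 to account 42"), aad)
	if err != nil {
		return "", false, false, err
	}
	// The hijacker holds the whole envelope but only a key of its own.
	hijacker, _ := ecdh.X25519().GenerateKey(rand.Reader)
	_, readErr := Open(hijacker, env, aad)
	hijackerCanRead = readErr == nil
	// The hijacker flips one ciphertext bit (an "implant"); Bob's tag check rejects it.
	tampered := &Envelope{env.EphemeralPub, env.Nonce, append([]byte(nil), env.Ciphertext...)}
	tampered.Ciphertext[0] ^= 0x01
	_, tamperErr := Open(bob, tampered, aad)
	tamperDetected = tamperErr != nil
	pt, err := Open(bob, env, aad)
	return string(pt), hijackerCanRead, tamperDetected, err
}

func main() {
	msg, canRead, detected, err := Demo()
	fmt.Printf("recipient read %q; hijacker could read: %v; tampering detected: %v; err: %v\n", msg, canRead, detected, err)
}
```

Two design points matter for the argument in the article. First, the only long-term secret is Bob's private key, which never leaves Bob's environment; there is no copy for a cloud provider to hold, so a BYOK-style "we keep your key for you" arrangement has no place in the design. Second, the header passed as additional authenticated data travels in the clear (routers and relays need it) but is cryptographically bound to the message, so a hijacker cannot re-address a captured envelope to a different recipient without the decryption failing.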