What is BGP Hijacking?
An attack where a network falsely announces ownership of IP address ranges, rerouting internet traffic through attacker-controlled infrastructure.
BGP (Border Gateway Protocol) is the routing protocol that determines how data travels across the internet. BGP hijacking exploits the trust-based nature of this system.
How It Works
- BGP relies on networks honestly announcing which IP addresses they control
- An attacker announces routes for IP ranges they don't own
- Other networks accept these announcements and reroute traffic
- The attacker can inspect, modify, or drop the traffic
Real-World Impact
- Nation-state surveillance of encrypted communications
- Cryptocurrency theft by redirecting mining pool traffic
- Interception of email and web traffic at scale
Protection
- Use end-to-end encryption for all communications
- VPNs help but can also be affected if the VPN provider's routes are hijacked
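- RPKI (Resource Public Key Infrastructure) is being deployed to prevent this by letting networks verify that a route announcement comes from a network authorized to originate that IP range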
Related Terms
Traffic Analysis
The process of examining patterns in communication metadata—who talks to whom, when, how often, and how much—to extract intelligence without accessing content. Even encrypted communications leak metadata that can reveal sensitive information.
Virtual Private Network
A technology that creates a secure, encrypted connection over a less secure network, such as the public internet. VPNs mask your IP address, encrypt your internet traffic, and can make it appear as though you're browsing from a different location.