Border Gateway Protocol attack

A Border Gateway Protocol attack involves an attacker corrupting the BGP tables containing information on how packets should be routed between any given network and other networks. These corrupted tables can misdirect traffic away from its rightful destination and toward a network controlled by the attacker.

Once the attacker has captured traffic intended for a given destination, the captured traffic can be discarded (thus isolating the destination network) or copied for later examination and then forwarded to the correct destination (to reduce the likelihood of the attack becoming known). If the captured traffic contains information such as passwords, the attacker may be able to impersonate the sender at a later date.