Episode Details

Back to Episodes
BGP Vortex: Internet Kill Switch?

BGP Vortex: Internet Kill Switch?

Published 4 months ago
Description

Could a single BGP trick really break the internet?

A new “BGP Vortex” claim says yes  - by abusing route oscillation and BGP communities to trigger endless update loops and exhaust router CPU. So we check what actually holds up in the real world.
In this Threat Talks Deep Dive, Rob Maas, Field CTO at ON2IT, sits down with Eric Nghia Nguyen Duy, Network Engineer at AMS-IX, to understand what BGP (short for Border Gateway Protocol) actually does, how the proposed Vortex mechanism works (route oscillation + community behavior), and why real-world internet operators are far more resilient than the headline suggests.
Yes, it’s an attention-grabbing claim.

No, it’s not a “break the whole internet tomorrow” button.

  • (00:00) - – 02:29 Introduction: The BGP Vortex Claim
  • (02:29) - - 06:35 What is BGP?
  • (06:35) - - 13:13 BGP Vortex: How it works
  • (13:13) - - 15:02 What an Attacker Would Actually Need
  • (15:02) - - 19:08 What can we do to prevent this
  • (19:08) - - 19:56 What role AMS-IX plays
  • (19:56) - – 22:01 Conclusion

Key topics covered
• What BGP is and why the internet depends on it
• How route oscillation and update amplification can overload routers
• Why the attack relies on upstream policy choices (communities aren’t “magic”)
• Why the “break the internet” claim is mostly theoretical
• Practical mitigations: filtering/inspecting communities, monitoring, session shutdown

Resources
• BGP Vortex research paper: https://www.usenix.org/system/files/usenixsecurity25-stoeger.pdf 
• BGP Vortex presentation video: https://www.youtube.com/watch?v=dd6L1mdQLmk
• Threat Talks: https://threat-talks.com/
• ON2IT (Zero Trust as a Service): https://on2it.net/
• AMS-IX: https://www.ams-ix.net/ams

Subscribe to Threat Talks and turn on notifications for deep dives into the world’s most active cyber threats and hands-on exploitation techniques.

Click here to view the episode transcript.

🔔 Follow and Support our channel! 🔔
=== 
► YOUTUBE: https://youtube.com/@ThreatTalks
► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E
► APPLE: https://podcasts.apple.com/us/podcast/threat-talks-your-gateway-to-cybersecurity-insights/id1725776520

👕 Receive your Threat Talks T-shirt
https://threat-talks.com/

🗺️ Explore the Hack's Route in Detail 🗺️
https://threat-talks.com

🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX

Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.

Support Us