The Internet Still Runs on 1980s Protocols. That Should Worry You

Source: TechRadar

The Internet Still Runs on 1980s Protocols – That Should Worry You

Cloudflare’s 1.1.1.1 DNS resolver service fell victim to a simultaneous BGP hijack and route leak event, causing massive internet outages and degradation worldwide. Pakistan caused the most famous BGP outage. The government tried to block access to YouTube within the country. Their misconfiguration caused a worldwide YouTube outage. Most organizations are targets of attacks 7.5 times a year. And while most are resolved quickly, these are examples of public infrastructure failures that are beyond your control. What other technology do you rely on every day that was invented in the 1980s? Not your smartphone. Not your car. Not your TV. And definitely not your work tools. Yet, every time you send an email, connect to a website, or deploy a cloud service, you’re relying on core internet protocols that predate the web itself.

The Fragile Foundation

The Border Gateway Protocol (BGP) was designed in 1989, an era when the “internet” was barely a concept and security was an afterthought. Back then:

– Home users connected via dial-up modems.
– Businesses considered themselves cutting-edge if they had a T1 line.
– Network reliability was a hope, not an expectation.

BGP’s original purpose was simple: keep the nascent internet stitched together. It provided large institutions with a means to announce which IP address blocks they controlled and to learn about others. The protocol allowed routers across autonomous systems (ASes) to share route announcements and dynamically discover paths to distant networks.

BGP was designed for resilience, not determinism. For openness, not security.

Speed, Uptime, and Security

Today, we demand speed, uptime, and security that BGP was never built to deliver. Multi-gigabit fiber reaches homes. Enterprises span multiple clouds across continents. Workloads like real-time video, financial transactions, and machine learning require low-latency, high-throughput data paths.

However, BGP still routes traffic based on trust and reachability, rather than performance or identity. It can’t enforce policies. It can’t prevent hijacks. And it certainly can’t guarantee who’s on the other end.

Despite multiple security incidents and efforts, such as RPKI and BGPsec, the internet still routes traffic based on a chain of trust that can be exploited by anyone with a few malicious route announcements. Most fixes require coordination that doesn’t exist and IT infrastructure upgrades that move at glacial speed.

The result? The modern internet rides on a protocol that thinks it’s still 1992.

READ MORE