What is a BGP Hijack?

A BGP hijack occurs when a network announces IP prefixes it does not legitimately control. Because BGP is built on trust — routers generally accept route announcements from their peers without cryptographic verification — a malicious or misconfigured network can redirect traffic intended for someone else.

How BGP Hijacking Works

Suppose Google (AS15169) legitimately announces 8.8.8.0/24. A hijacker in a different autonomous system could announce the same prefix, or a more specific one like 8.8.8.0/25. Routers prefer more specific prefixes, so the hijacker's announcement would win — traffic destined for 8.8.8.8 would flow to the attacker instead of Google.

BGP hijacks fall into several categories:

Real-World BGP Hijacks

BGP hijacks are not theoretical. Notable incidents include:

Defenses Against BGP Hijacking

RPKI (Resource Public Key Infrastructure) is the primary defense. It allows networks to cryptographically sign their route announcements, and routers can validate that the originating AS is authorized to announce a given prefix. Routes that fail validation can be dropped.

Monitoring tools like BGP looking glasses help detect hijacks by letting operators see the global routing table and verify that their prefixes are being announced correctly. You can check any prefix's origin AS and path right now:

See BGP routing data in real time

Open Looking Glass
More Articles
What is BGP? The Internet's Routing Protocol Explained
What is an Autonomous System (AS)?
What is a BGP Looking Glass?
How to Look Up an IP Address's BGP Route
Understanding BGP AS Paths
What is RPKI? Securing BGP Routing
What is DNS? The Internet's Phone Book
What is an IP Address?
IPv4 vs IPv6: What's the Difference?
What is a Network Prefix (CIDR)?
What is an Internet Exchange Point (IXP)?
What is Peering? How Networks Interconnect
How Does Traceroute Work?
What is a CDN? Content Delivery Networks Explained
What is DNS over HTTPS (DoH)?
What are TLDs? Top-Level Domains Explained
What is Anycast? One IP, Many Servers
What is a Subnet? IP Subnetting Explained