Gina M. Raimondo, Secretary of Commerce | Ballotpedia
The U.S. Department of Commerce's National Telecommunications and Information Administration (NTIA), in collaboration with several other bureaus within the department, has begun implementing a significant Internet routing security measure. This initiative is aimed at enhancing cybersecurity across the department and fulfills a key priority from the National Cybersecurity Strategy.
Internet routing security, which ensures that Internet traffic reaches its intended target, has been a concern for over two decades. In 2003, the White House acknowledged that Internet routing incidents posed a substantial risk of disrupting Internet service. Since then, agencies such as the National Institute of Standards and Technology (NIST), the Department of Homeland Security, and the Federal Communications Commission have collaborated with stakeholders to develop solutions and promote routing security.
However, in 2023, the Biden Harris Administration’s National Cybersecurity Strategy identified routing security as a “pervasive concern.” This is partly because despite being a large holder of Internet address resources, the U.S. government has a low adoption level of routing security.
In response to this concern, the National Cybersecurity Strategy urged federal agencies to implement routing security measures. NTIA has assisted in developing a model contract for other federal agencies to use when adopting routing security.
U.S. Deputy Secretary of Commerce Don Graves stated, “At the Department of Commerce, we are working hard to implement President Biden’s National Cybersecurity Strategy and make sure government websites are secure.” He added that this is due to two decades' worth of collaboration between the U.S. government and stakeholders in the Internet engineering community.
Alan Davidson, Assistant Secretary of Commerce for Communications and Information and NTIA Administrator, noted that "the National Cybersecurity Strategy called on the federal government to lead by example in implementing network routing security." He emphasized that today's actions demonstrate how NTIA has worked diligently with various partners to achieve this goal.
NTIA created Route Origin Authorizations (ROAs) that authenticate NTIA’s addresses as destinations found on the Department of Commerce’s network. ROAs protect against address hijacks, which can result in loss of service or interception of data. The Border Gateway Protocol (BGP) is the protocol by which networks announce they are a destination or a route to a destination.
NTIA has been working with stakeholders to advance federal routing security. It collaborated with the American Registry for Internet Numbers (ARIN), which provides tools to protect against address hijacks, and with Mutually Agreed Norms of Routing Security (MANRS), a project of the Internet Society and the Global Cyber Alliance.
