Hijacking Label Switched Networks in the Cloud
Paul Coggin (@PaulCoggin)

The telecommunications networks are one of our most important critical infrastructure assets. In fact all of the other critical infrastructure domains are dependent upon the telecommunications critical infrastructure for operation for example ICS\SCADA. In this talk we will discuss a quick overview of telecommunication architectures and operations for border gateway protocol (BGP) services with references to the recent BGP prefix hijacking attacks. The discussion will then pivot to how Multiprotocol Label Switch (MPLS) networks may be attacked in telecommunications networks. Could it be that the MPLS networks are being attacked similar to BGP? How would someone go about targeting MPLS networks? The MPLS discussion will provide an overview of MPLS VPN's and MPLS traffic engineering architectures and operations including packet captures of label traffic for reference. Attack vectors for targeting MPLS networks will be addressed in addition to a couple new ideas for gathering intel from MPLS networks. Recommendations for monitoring and securing BGP and MPLS networks will be discussed as well.

Bio: Paul Coggin is senior principal cybersecurity analyst with Dynetics. He is responsible for architecting and securing large complex tactical, critical infrastructure and service provider networks. His expertise includes tactical, service provider, and ICS\SCADA network infrastructure hacker attacks, and defenses, as well as large complex network design and implementation. His experience includes leading network architecture reviews, vulnerability analysis, and penetration testing engagements for critical infrastructure and tactical networks. Paul is a Cisco Systems certified Instructor #32230, certified EC-Council instructor, and certified SCADA security architect. He has a bachelor's degree in mathematics, a master's in computer information systems, and a master's in information assurance and security. He is currently pursuing a master's in system management. In addition he holds a wide array of certifications from Cisco, EC Council, ISC^2, and others.

Back to BSides Huntsville 2015 video list