Border Gateway Protocol (BGP) hijacking has long represented a critical vulnerability in the internet’s infrastructure, allowing attackers to silently redirect traffic between endpoints. The risk is so great the U.S. government has even branded it as a national security concern.
A particularly concerning exploitation target is the domain validation process used by certificate authorities (CA) to verify ownership before issuing SSL/TLS certificates. These are the certificates that are used by all web browsers to connect securely to websites. To combat this threat, the CA/Browser Forum has issued a directive for CAs to support Multi-Perspective Issuance Corroboration (MPIC), starting in September 2025.
No Responses