So the real question then would be whether the various organized-crime groups are well-enough connected to make this work.
Shouldn't be too hard—all kinds of options open up when you're not bound by law or morality.
Do a traceroute to find out your target's upstream providers; say it's Level3. Do a little social engineering on Level3 to find out who maintains the route filters; say it's Fred. Get one of your people hired by Level3's cleaning service. Find enough information on Fred's desk to track down his wife and kids, take a few pictures through a rifle sight, and you're in.
Of course, this kind of thing works even without a BGP vulnerability; but the vulnerability makes it easier to get away with it, since it may not be noticed for a long time.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Organized crime
Date: 2008-08-29 12:47 pm (UTC)Shouldn't be too hard—all kinds of options open up when you're not bound by law or morality.
Do a traceroute to find out your target's upstream providers; say it's Level3. Do a little social engineering on Level3 to find out who maintains the route filters; say it's Fred. Get one of your people hired by Level3's cleaning service. Find enough information on Fred's desk to track down his wife and kids, take a few pictures through a rifle sight, and you're in.
Of course, this kind of thing works even without a BGP vulnerability; but the vulnerability makes it easier to get away with it, since it may not be noticed for a long time.