<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body dir="auto">
<div dir="ltr"></div>
<div dir="ltr">On May 6, 2019, at 9:26 AM, Keith W. Hare <<a href="mailto:Keith@jcc.com">Keith@jcc.com</a>> wrote:</div>
<div dir="ltr">...<span style="color: rgb(32, 56, 100); font-family: Calibri, sans-serif;">Owen Delong described two technical mechanisms used for BGP hijacking:</span><span style="color: rgb(32, 56, 100); font-family: Calibri, sans-serif;"> </span></div>
<blockquote type="cite">
<div dir="ltr">
<p class="MsoPlainText" style="margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo2">
<!--[if !supportLists]--><span style="font-family:"Calibri",sans-serif;color:#203864;mso-style-textfill-fill-color:#203864;mso-style-textfill-fill-alpha:100.0%"><span style="mso-list:Ignore">1.<span style="font:7.0pt "Times New Roman"">      
</span></span></span><!--[endif]--><span style="font-family:"Calibri",sans-serif;color:#203864;mso-style-textfill-fill-color:#203864;mso-style-textfill-fill-alpha:100.0%">(Easiest and most common) Find a location in the internet where you can inject a route
 and have it propagate and exploit it.<o:p></o:p></span></p>
<p class="MsoPlainText"><span style="font-family:"Calibri",sans-serif;color:#203864;mso-style-textfill-fill-color:#203864;mso-style-textfill-fill-alpha:100.0%"><o:p> </o:p></span></p>
<p class="MsoPlainText" style="margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo2">
<!--[if !supportLists]--><span style="font-family:"Calibri",sans-serif;color:#203864;mso-style-textfill-fill-color:#203864;mso-style-textfill-fill-alpha:100.0%"><span style="mso-list:Ignore">2.<span style="font:7.0pt "Times New Roman"">      
</span></span></span><!--[endif]--><span style="font-family:"Calibri",sans-serif;color:#203864;mso-style-textfill-fill-color:#203864;mso-style-textfill-fill-alpha:100.0%">(less common but does happen) Find address space issued to a defunct organization or an
 organization that does not appear to be actively using it and attempt to steal it from them through the RIR process by creating a new similar looking organization and then attempting to fraudulently “reclaim” the resources.</span></p>
<p class="MsoPlainText"><span style="font-family:"Calibri",sans-serif;color:#203864;mso-style-textfill-fill-color:#203864;mso-style-textfill-fill-alpha:100.0%">I think the ARIN policies & practice already handle mechanism 2, so I’m going to ignore that for
 the moment. ...</span></p>
</div>
</blockquote>
<br>
<div>FYI - for those interested in our current practices with regard to handling reports of potential route hijacking, please see our recent blog post - <a href="https://teamarin.net/2019/05/06/how-does-arin-handle-reports-of-route-hijacking/">https://teamarin.net/2019/05/06/how-does-arin-handle-reports-of-route-hijacking/</a></div>
<div><br>
</div>
<div>Thanks!</div>
<div>/John</div>
<div><br>
</div>
<div>John Curran</div>
<div>President and CEO</div>
<div>American Registry for Internet Numbers</div>
<div><br>
</div>
</body>
</html>