Routing security gaps threaten your 2026 supply chain

With global cybercrime costs hitting $10.8 trillion in 2026, ignoring Internet routing security is financial suicide. Dan Fidler's February 2026 MANRS paper argues that enterprises must treat the global routing system as a critical, under-managed supply chain dependency rather than a background utility. The thesis is clear: voluntary operator goodwill has failed, and only aggressive demand-side pressure via enterprise procurement can force the adoption of necessary safeguards.

Current defense models obsess over hardening endpoints and encrypting data, yet they blindly trust the Border Gateway Protocol infrastructure that actually delivers traffic to those assets. This gap is catastrophic given that AI-driven threats in 2026 will exploit these protocol weaknesses to escalate attack speed and scope, according to Google Cloud security forecasts. When an upstream provider suffers a route hijack or leak, the resulting traffic interception or blackholing occurs entirely outside the enterprise's direct control, rendering internal perimeter defenses useless.

This article details how organizations can pivot from passive victims to active governors of their connectivity. Readers will learn why routing failures constitute a top-tier digital supply chain risk, how specific BGP vulnerabilities enable sophisticated traffic interception, and the precise mechanism for mandating routing security through binding procurement controls. It is time to stop expecting network operators to self-regulate and start buying connectivity like the critical business asset.

The Role of Internet Routing in the Modern Digital Supply Chain

Why Internet Routing Is a Critical Supply Chain Dependency

MANRS data shows internet routing functions as an under-managed dependency where Border Gateway Protocol (BGP) lacks built-in authentication. This architectural gap permits route hijacks that redirect traffic outside enterprise control boundaries. According to MANRS, global cybercrime costs are projected to reach $10.8 trillion in 2026, framing insecure routing as a primary financial vector. The mechanism relies on trust; routers accept path claims without verification, allowing misconfigured upstreams to propagate invalid reachability information. However, technical fixes like RPKI remain voluntary, leaving adoption driven by community goodwill rather than contractual obligation. This creates a tension where internal security hardening fails against external path manipulation.

Crypto crimes alone are expected to cost the world $30 billion annually by 2027, a segment directly linked to these routing vulnerabilities per Demandsage research. The operational consequence is clear: internal hardening cannot stop attacks injected into the global transit fabric. Procurement mandates requiring MANRS+ adherence shift liability to carriers who control the injection points.

As reported by MANRS, 48.18% of invalid prefixes stem from bad maximum prefix lengths, creating immediate outage risks. These configuration errors trigger service outages that bypass internal security perimeters entirely. Shipping giants Maserk and Hapag-Lloyd reported degraded schedules due to rerouting, proving operational costs extend far beyond IT budgets. Financial loss accumulates through increased bunker fuel consumption and missed delivery windows rather than direct theft alone. However, the most severe impact often manifests as reputational damage when customers lose access to critical cloud platforms. Unlike inward-facing defenses, enterprises cannot patch Border Gateway Protocol (BGP) vulnerabilities on upstream provider equipment. This external dependency means a single misconfigured peer can nullify years of endpoint hardening investments. Without such mandates, firms remain exposed to supply chain disruptions they cannot technically prevent. The cost structure favors prevention over reaction, yet market incentives currently reward speed over stability. Operators must choose between fragile connectivity and resilient, verified paths.

How BGP Vulnerabilities Enable Route Hijacking and Traffic Interception

per BGP Trust Model Flaws Enabling Route Hijacks and Leaks

MANRS, 71% of participants achieve ROA coverage, yet global validation remains sparse enough to trust unverified path claims. The Border Gateway Protocol (BGP) operates on implicit trust, accepting routing updates without cryptographic proof of ownership. This architectural gap allows invalid prefixes to propagate instantly across the global table. When a rogue Autonomous System announces a more specific prefix, upstream routers prioritize the longer match regardless of legitimacy. Consequently, traffic destined for legitimate enterprises gets redirected to attacker infrastructure or blackholed entirely. Configuration errors drive most failure modes rather than malicious intent. Misconfigured filters on peer links frequently leak full tables or incorrect origins to neighbors.

Upstream Provider Misconfigurations Disrupting Enterprise Availability

Bad maximum prefix lengths on upstream routers cause nearly half of all routing anomalies, directly triggering enterprise outages. The Border Gateway Protocol (BGP) mechanism blindly propagates these excessive route announcements because it lacks inherent validation logic for path attributes. Consequently, traffic destined for an enterprise gets dropped or misrouted several hops away from the corporate edge. Operators cannot simply patch local firewalls to fix service outages caused by external peer mistakes. Logical failures create unavoidable physical dependencies. Based on Emerging Trends and Future Threat Environment, a high correlation between military operations and network outages, proving that geopolitical conflict exacerbates routing instability. A carrier might maintain perfect internal hygiene yet suffer total blackout due to a neighbor's typo. This vulnerability forces a choice between accepting fragility or demanding contractual guarantees. Enforcement remains difficult without standardized procurement language.

Enterprises must treat routing availability as a supply chain requirement. Waiting for voluntary industry fixes leaves critical connectivity exposed to random failure.

AI-according to Escalated Threats and Geopolitical Fragmentation in Routing

Emerging Trends and Future Threat Environment, threat actors will use AI in 2026 to escalate attack speed, overwhelming manual BGP response teams. This acceleration compresses the detection window for route hijacking events below human reaction times. Automated injection scripts can now propagate invalid prefixes across multiple domains before operators verify path legitimacy. The consequence is a systemic shift where traffic interception becomes transient yet frequent enough to evade standard logging. Conflicts and trade wars drive geopolitical fragmentation that fractures the global routing environment. As reported by Emerging Trends and Future Threat Environment, these geopolitical fractures increase supply chain risks by isolating routing tables along national borders. Enterprises face a binary choice: accept fragmented connectivity or risk exposure to state-level routing manipulation. Unlike configuration errors, these intentional disruptions target specific economic sectors rather than random infrastructure. Current defense models assume a unified global Internet, creating a significant limitation. Operators must assume Border Gateway Protocol (BGP) updates from adversarial regions are compromised by default. Reliance on voluntary cooperation fails when nation-states weaponize routing policy.

Mandating Routing Security Through Enterprise Procurement Controls

MANRS+ per as the Enterprise Procurement Standard for Routing Security

MANRS, global cybersecurity spending will hit $213 billion in 2025, yet routing remains a blind spot in procurement checklists. MANRS+ functions as an elevated participation tier currently under active development to close this gap by defining enterprise-critical controls beyond standard peer-to-peer norms. Unlike the baseline framework focused on operator goodwill, this new tier clarifies responsibilities for organizations operating their own networks and purchasing transit. The mechanism shifts routing security from a voluntary technical preference to a mandatory vendor qualification metric. Enterprises gain use by demanding verifiable RPKI adoption and path validation as contract prerequisites rather than optional features. However, the limitation is that only providers with published upstream lists can satisfy these enhanced requirements, excluding smaller carriers lacking RIR coordination resources. This exclusion creates a tension between supply chain durability and vendor diversity, forcing buyers to choose between strict security posture and market competition. Failure to codify these standards leaves enterprises exposed to upstream misconfigurations they cannot technically mitigate locally. Procurement teams must treat BGP hygiene as a non-negotiable service level agreement component.

based on Mandating RPKI and MANRS Participation in Upstream Provider Contracts

US Department of Commerce, ROA coverage jumping from 33% in 2023 to 83% by August 30, 2024, proving procurement mandates drive rapid technical compliance. RPKI validation requires operators to cryptographically sign route origins, allowing downstream peers to reject unsigned or invalid announcements before they enter the local routing table. The cost is measurable friction during vendor selection, as fewer than half of global providers currently publish complete Route Origin Authorizations. Enterprises must treat missing RPKI signatures as a disqualifying defect rather than a optional feature.

Waiting for voluntary adoption leaves supply chains exposed to preventable hijacks. The use exists only if buyers exercise.

Voluntary Best Practices Versus Mandatory Procurement Requirements for BGP Security

Voluntary peer agreements fail to scale security because individual operators bear costs while the system reaps benefits, leaving enterprise risk unmanaged. The mechanism relies on goodwill rather than contractual obligation, creating a gap where routing leaks persist without penalty. However, voluntary adoption leaves significant portions of the address space unprotected against traffic interception. This limitation forces organizations to accept systemic vulnerability despite local hardening efforts. Mandatory procurement clauses change routing hygiene from an optional courtesy into a verified service level agreement. InterLIR analysis indicates that shifting to demand-side pressure compels upstream providers to implement RPKI validation or lose contracts.

The cost of maintaining voluntary frameworks is measurable in continued exposure to supply chain attacks. A tension exists between maintaining broad vendor pools and enforcing strict technical compliance, yet the alternative is unchecked infrastructure fragility. Enterprises must define clear expectations to break the cycle of inaction.

Implementing MANRS+ Standards for Enterprise Network Durability

Implementation: Defining MANRS+ as the Enterprise Routing Security Tier

MANRS+ defines an elevated participation tier under active development that codifies enterprise obligations beyond standard operator norms. This framework shifts routing security from voluntary peer agreements to mandatory procurement constraints where vendors must prove compliance. The mechanism requires organizations to validate upstream path integrity rather than relying solely on origin checks like RPKI. Adoption faces friction because fewer than half of global providers currently publish complete Route Origin Authorizations. Enterprises gain use by treating missing signatures as disqualifying defects in vendor selection processes.

1. Require upstream providers to publish Route Origin Authorizations covering all delegated address space.
2. Mandate RPKI validation on edge routers to reject unsigned or invalid announcements automatically.
3. Include routing leak protection clauses in service level agreements with financial penalties for non-compliance.
4. Audit provider BGP configurations annually against MANRS+ baseline controls.

The cost is measurable friction during vendor onboarding, yet ignoring this layer leaves enterprise risk unmanaged despite local hardening. Enterprises must validate upstream routing security through a strict four-step verification process before contract finalization. First, query the RPKI repository to confirm the provider signs all announced prefixes with valid ROAs. Second, check the MANRS dashboard for active participant status and documented filtering policies. Third, demand written confirmation of AS_PATH validation capabilities to prevent route leaks from downstream peers. Fourth, verify the provider rejects invalid routes by default rather than accepting all claims.

A gap persists where 29% of MANRS participants still lack full ROA coverage, forcing buyers to choose between security and connectivity options. This deficit means enterprises may need to mandate remediation timelines within service level agreements. Without such clauses, organizations inherit unmitigated supply chain risk from provider negligence. Enterprises must treat unsigned routes as critical defects during vendor selection to mitigate systemic exposure.

1. Mandate RPKI validation clauses in all ISP contracts to enforce cryptographic origin checks.
2. Require written evidence of AS_PATH filtering capabilities to prevent upstream route leaks.
3. Validate provider participation in MANRS+ initiatives through InterLIR dashboards before finalizing agreements.
4. Audit supplier compliance annually against set routing security baselines.

Threat actors now use AI to accelerate hijack propagation, outpacing manual detection methods used by many operators. Geopolitical fragmentation increases supply chain volatility while relying on voluntary operator goodwill leaves gaps that attackers exploit. Strict filtering may initially reject legitimate but misconfigured peer announcements, requiring coordinated remediation. This tension between immediate availability and long-term integrity forces a choice: accept transient outages to enforce security or tolerate persistent vulnerability. Organizations ignoring this shift risk becoming collateral damage when upstream providers fail to adopt necessary controls. InterLIR recommends integrating these technical mandates into broader risk management frameworks immediately.