If criminals were able to send BGP information to a larger service provider that didn't properly check its BGP data, they could cause serious problems, McPherson said. "The reality is that if you wanted to cause global instability, you simply compromise one of those people who have access to a BGP-speaking router," he said.
Making BGP data more reliable isn't so easy either. Although secure versions of BGP have been developed, it would take a major effort to adopt them and until there's widespread concern over the current system, it is likely to continue.
Two parties were to blame for the YouTube fiasco, said a networking engineer familiar with the YouTube situation, who asked not to be identified. First, the Pakistani ISP should never have forwarded the bad BGP routing data to PCCW. Second, PCCW should have checked to make sure that the ISP was talking about its own domains before accepting the information.."One of the dirty secrets about the Internet is a lot of it is still a handshake deal," he said.