• As news unfolds surrounding the U.S. • capture and arrest of Venezuelan leader Nicolás Maduro, a cybersecurity newsletter examined Cloudflare Radar data and took note of a routing leak in Venezuela on January 2. • We dug into the data. • Since the beginning of December there have been eleven route leak events, impacting multiple prefixes, where AS8048 is the leaker. • Although it is impossible to determine definitively what happened on the day of the event, this pattern of route leaks suggests that the CANTV (AS8048) network, a popular Internet Service Provider (ISP) in Venezuela, has insufficient routing export and import policies. • In other words, the BGP anomalies observed by the researcher could be tied to poor technical practices by the ISP rather than malfeasance.

Article Summaries:

  • A cybersecurity newsletter has highlighted a series of Border Gateway Protocol (BGP) route leaks in Venezuela, all traced to the ISP CANTV (AS8048). Cloudflare Radar data shows eleven leak events since early December, with the most recent on January 2. The leaks involve CANTV redistributing routes beyond its intended scope, violating valley‑free routing rules. Analysts suggest the pattern points to inadequate routing export/import policies rather than intentional wrongdoing. The report explains BGP mechanics and the impact of such leaks, noting that the anomalies likely stem from technical misconfigurations within the Venezuelan ISP.

Sources: