The method can't easily be fought since the BGP protocol itself requires an explicit level of trust to work as written, the experts say. The currently proposed solution would rely on BBN Technologies chief security scientist Stephen Kent's recently developed Secure BGP standard, which would force each router online to sign its routing map data and let network providers determine whether or not they will accept changes made by that router. A provider could establish blacklists that cut off unknown or actively hostile routers.

When a fix could be implemented is unknown and may not be likely in the near future, as a similar approach was demonstrated as early as 1998 but hasn't been introduced due to the performance issues associated with signing traffic in real time. The absence of a full attack using existing BGP flaws has also reduced the pressure to implement any short-term fixes.

News of the possible attack follows after revelations of a Domain Name Server (DNS) exploit earlier in the year that could falsely point users intending to visit one website to a different address, opening them to web-based attacks. Most operating system and browser developers affected by the DNS hole have patched against it.