Morning pedes,
I'm a sysadmin working for a small datacenter in Germany. Against 09:00 GMT we had calls from some of our customers, they were complaining about some service degradation: load times for websites slowed down, ssh connections got terminated, ftp traffic was slow.
Analyzing my systems led to no results, so I called my provider if there was an issue with our connection.
He said: "to make it short: the Internet is partially broken..." I said what? Yup, some issues with route announcements in the BGP routers around the world.
As I write this, he called me back to tell me the issue got solved. Some guy/group, whatever, was able to insert false route announcements at BGP level, this is insane.
Let's see what the day brings up, but this was pretty scary (well, for my customers and for my boss, for me it was pretty exciting). Eyes on.
Godspeed, frens
Yup, there is no security in the protocol itself - it's all about whether the peering points will accept the connection and updates or not.
If you are in possession of zero day exploits for these routers then you can basically do what you like.
The stealthiest approach is to point the traffic you want to intercept to a mirror, and then forward that traffic on to the original destination once you have a copy of it (man in the middle).
Depending on what you are doing and where you are doing it adds to the complexity of doing this seamlessly, but it's certainly possible.