
China's Maxim: BGProtect's Role in Shaping US Cyber Policy Recommendations

Security Research Team

The research paper “China’s Maxim – Leave No Access Point Unexploited” by Chris C. Demchak and Yuval Shavitt exposed a systematic pattern. Unlike accidental misconfigurations, China Telecom (CT) utilized its Points of Presence (PoPs) within North America and Europe to intentionally reroute data traffic.

BGP Hijack

The fundamental mechanism of the attack is a BGP hijack used for Man-in-the-Middle (MITM) interception rather than denial of service. Instead of dropping traffic, the malicious PoP announces a more specific prefix (or an otherwise more attractive path), so that routers prefer it over the legitimate route. The PoP becomes a detour through which the data can be inspected or copied before being forwarded to its final destination.

[Interactive simulation: BGP hijack events and path detours on a world map]

Global Architecture of Access

While hijack attacks can be performed from any location, geographic proximity to the destination makes the attack easier to carry out and harder to detect. China Telecom established PoPs in major internet exchange hubs across North America and Europe. These allowed false routes to be announced directly into Western backbones.

Data source: Demchak & Shavitt analysis.

Policy Impact and Strategic Shifts

Following the paper's publication, citations of it surged in government hearings and strategic policy documents. The research became a cornerstone of the U.S. Clean Network initiative and 5G exclusion policies. The paper went beyond a technical exposé: its policy recommendations inspired a structural reconfiguration of the U.S. telecommunications sector.

[Charts: policy citations over time; influence by sector]

From Analysis to Federal Mandate

By 2025, the open-internet model (predicated on the assumption that all backbone carriers are neutral) was formally abandoned in favor of Zero Trust.

Key regulatory actions included:

FCC License Revocations
Citing the Maxim logic directly, the FCC revoked Section 214 operating authorities for state-owned carriers including China Telecom, China Unicom, and Pacific Networks, removing the access points identified in the research.

The 2024 ONCD & NTIA Roadmap
The White House Office of the National Cyber Director (ONCD), in coordination with NTIA, moved from recommendation to requirement.
The Roadmap to Enhance Internet Routing Security mandates RPKI adoption for federal agencies and contractors, explicitly reframing routing security as a matter of national economic and national security.

The 2025 Executive Order
A January 2025 order expanded Zero Trust principles to naming infrastructure, requiring encrypted DNS (DoH/DoT) across all executive branch agencies to prevent DNS-based traffic analysis and user-intent surveillance.

This policy tsunami effectively quarantined Western routing infrastructure, replacing implicit trust with cryptographic verification.

Securing the Backbone

In response to “China’s Maxim” and similar warnings, cryptographic validation of route announcements must be adopted globally, so that the false routes issued by hijackers are filtered out before they propagate.

Key pillars now include:

  • ASPA (Autonomous System Provider Authorization): using RPKI-signed records to verify the customer-to-provider relationships along an AS path
  • PoP Auditing: heightened scrutiny of foreign state-owned carriers
  • Route Monitoring: continuous, real-time anomaly detection platforms such as BGProtect
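The following Python example is added here to make the two mechanisms discussed above concrete; it is not BGProtect's code and not from the Demchak and Shavitt paper. It shows why a more-specific announcement wins longest-prefix-match selection (the detour mechanism described in the BGP Hijack section), how RPKI Route Origin Validation (RFC 6811 semantics) marks such an announcement invalid, and how a simplified ASPA-style provider check catches a forged-origin announcement that ROV alone would accept. All prefixes (documentation range 2001:db8::/32), ASNs (documentation range 64496-64511), ROAs and ASPA records are constructed; the ASPA check is a simplified upstream-only walk, not the full RFC 9234 / ASPA verification algorithm.

```python
"""Added example (not BGProtect's code): longest-prefix-match selection,
RPKI Route Origin Validation and a simplified ASPA-style provider check
over constructed announcements."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class ROA:
    prefix: str        # covering prefix signed in the ROA
    max_length: int    # longest announcement length the ROA authorizes
    origin_asn: int    # AS authorized to originate the prefix


@dataclass(frozen=True)
class Announcement:
    prefix: str
    as_path: tuple     # (nearest neighbor, ..., origin AS)

    @property
    def origin(self) -> int:
        return self.as_path[-1]


def rov_state(ann: Announcement, roas) -> str:
    """RFC 6811 style result: 'valid', 'invalid' or 'unknown' (not found)."""
    net = ip_network(ann.prefix)
    covering = [r for r in roas if net.subnet_of(ip_network(r.prefix))]
    if not covering:
        return "unknown"
    # Valid only if some covering ROA names this origin AND allows this length;
    # a more-specific beyond maxLength is invalid even with the right origin.
    if any(r.origin_asn == ann.origin and net.prefixlen <= r.max_length
           for r in covering):
        return "valid"
    return "invalid"


def aspa_state(ann: Announcement, aspa) -> str:
    """Simplified ASPA-style check (assumption: upstream-only walk).

    aspa maps customer ASN -> set of authorized provider ASNs. Walking from
    the origin towards the collector, every hop must be an authorized
    customer->provider pair. Missing record -> 'unknown'."""
    path = ann.as_path
    for i in range(len(path) - 1, 0, -1):
        customer, provider = path[i], path[i - 1]
        providers = aspa.get(customer)
        if providers is None:
            return "unknown"
        if provider not in providers:
            return "invalid"
    return "valid"


def best_route(rib, address: str):
    """Longest-prefix match: the most specific covering announcement wins."""
    addr = ip_address(address)
    matches = [a for a in rib if addr in ip_network(a.prefix)]
    return max(matches, key=lambda a: ip_network(a.prefix).prefixlen,
               default=None)


def filtered_rib(rib, roas, aspa):
    """Drop announcements that ROV or the ASPA check marks invalid."""
    return [a for a in rib
            if rov_state(a, roas) != "invalid"
            and aspa_state(a, aspa) != "invalid"]


# Constructed data: AS 64500 owns 2001:db8::/32 and buys transit only from
# AS 64501, which in turn buys transit only from AS 64502.
ROAS = [ROA("2001:db8::/32", 32, 64500)]
ASPA = {64500: {64501}, 64501: {64502}}

RIB = [
    # Legitimate route, observed through the authorized providers.
    Announcement("2001:db8::/32", (64502, 64501, 64500)),
    # Detour 1: a more-specific /48 originated by AS 64503 (constructed PoP).
    Announcement("2001:db8:1::/48", (64503,)),
    # Detour 2: exact prefix with the real origin appended, but reached via
    # AS 64503, which is not one of AS 64500's authorized providers.
    Announcement("2001:db8::/32", (64503, 64500)),
]


def main() -> None:
    target = "2001:db8:1::1"
    for ann in RIB:
        print(ann.prefix, ann.as_path,
              "ROV:", rov_state(ann, ROAS), "ASPA:", aspa_state(ann, ASPA))
    print("unfiltered best:", best_route(RIB, target))
    print("filtered best:  ", best_route(filtered_rib(RIB, ROAS, ASPA), target))


if __name__ == "__main__":
    main()
```

Without validation, the constructed /48 wins selection for any address inside it and the exact-prefix forged-origin route competes on equal terms with the real one; with ROV the /48 is invalid (wrong origin and longer than maxLength), and the forged-origin route, which ROV accepts, is rejected by the provider check because AS 64503 is not an authorized provider of AS 64500.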
#BGP