The internet that we know of is an interconnection of networks. The networks - managed by organizations, giant corporate, internet service providers (ISP), network service providers (NSP), cross countries internet exchange points (IXP) and various Regional Internet Registry (RIRs). The network traffic that flows across inside, through those various organizations, providers and points are generally managed, delivered and/or received and is generally handled through the protocol - a set of rules, usually known to the world as the Border Gateway Protocol (BGP). If someone with a malicious intent would try to break and/or manipulate this specific protocol (BGP) then that malicious attacker/party can possibly manipulate the traffic flowing in the internet as a whole.
BGP is basically used to interconnect, exchange routes and sharing reach ability information as a standardized exterior gateway routing protocol. Each entity is uniquely identified by it’s Autonomous System (AS) number. Technically, BGP works based on the best path selection algorithm to select the exact match although there are various different criteria such as weight, local preferences, neighbor count etc. For example let’s say Google is using 172.168.0.0/20 to announce the world that it is their network and on the other hand Someone is using 172.168.0.0/24 to announce the world that it is their network. So now, the traffic destined for 172.16.15.14 would go to Someone instead of Google if the information sent by Someone is accepted by the neighboring network and also if the information is further propagated across the internet. When the communication between different AS is either misconfigured or at cases hijacked, this specific chaotic scenario is then known to the world as Prefix hijacking and/or can be interpreted as BGP hijacking. The above example simply is not just a hypothetical scenario, these types of threats do exist in the internet. The case of AS 7007 incident in 1997, Pakistan hijacking the entire YouTube network in 2008, Chinese ISP hijacking the entire internet in 2010, Canadian ISP hijacked to heist Bitcoin and other cryptocurrency in 2014, Russian telecommunication companies hijacking the network of US tech giant companies multiple times including the MasterCard and Visa card network in 2017 and lately the incident of Google Cloud’s traffic being routed to Russia by the Nigerian ISP. A simple misconfiguration and/or a malicious intent in just a single protocol can create a chaos in the internet. According to some sources various state sponsored hackers, government agencies and private organizations have been found to have been doing so (traffic hijacking) for performing large scale man in the middle attack, traffic monitoring and/or for censorship.
Although security experts argue that BGP is never secure, instead a new protocol should somehow be introduced. Nevertheless, there are techniques like using RPKI (Resource Public Key Infrastructure) to sign the AS numbers with a cryptographic signatures, using Resource Origination Authorization (ROA) to associate the address prefix to the AS numbers and various others. As long as the technologies are not used and tuned properly, placing fancy technologies in place and not making use of them would never guarantee security and would always break the Confidentiality, Integrity and Availability of the system and/or Authenticity of the traffics across the network as a whole.