Security News China Hijacking Internet Traffic Using BGP

upnorth

Jul 27, 2015
China has been accused of hijacking the internet’s Border Gateway Protocol (BGP) to carry out covert man-in-the-middle surveillance on Western countries and companies.

BGP governs how traffic is routed between subdivisions of the internet known as autonomous systems (AS). It ensures that traffic reaches the correct servers – meaning messing around with it is bad news. Usually, proving what’s been going on with hard technical evidence is extremely difficult when nations are accused of nefarious internet activities. That should be true for BGP hijacking too, where deliberate attacks can be hard to distinguish from innocent router misconfiguration. However, the authors of ‘China’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking’ say they analysed data from a special route-tracing system hosted at the University of Tel Aviv that is capable of detecting unusual patterns of BGP ‘announcements’. Since 2016, this helped them pick up a series of unusual routing events that they believe were too consistent in their duration and scale to be dismissed as accidents.

The infamous illustration would be Pakistan Telecommunication Authority’s (PTA) 2008 hijack of YouTube traffic to block a contentious video. PTA’s poorly executed approach was to try to sinkhole all traffic to a subset of IP addresses belonging to Google that gave access to the video in the country. This was done via BGP, which advertised Pakistan Telecom as the route to this address, which other BGP routers noticed was more specific in its address than Google’s normal route. BGP routers are programmed to favour this specificity and so this new routing perpetuated across most of the internet. The result: YouTube went down, globally, for two hours as all its traffic went to Pakistan Telecom to be thrown into a sinkhole. An accident perhaps, but there have been other, even stranger incidents, including one involving China Telecom itself in 2010 in which erroneous BGP saw as much as 15% of the world’s internet traffic routed through Points of Presence (POPs) controlled by the company.
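The more-specific-prefix behaviour behind the YouTube incident, and the kind of announcement check a route-monitoring system can run, as an added example that is not part of the article or the research it describes. The prefixes and AS numbers are constructed placeholders (documentation ranges), not real allocations.

```python
import ipaddress

# Constructed "expected origins" table: which AS legitimately originates each prefix.
# 203.0.113.0/24 and AS64500/AS64511 are documentation/private-use values, not real networks.
EXPECTED_ORIGINS = {
    "203.0.113.0/24": 64500,   # the legitimate prefix, normally originated by AS64500
}

# Constructed BGP announcements seen by a monitor: (prefix, origin AS, AS path).
ANNOUNCEMENTS = [
    ("203.0.113.0/24", 64500, [64500]),   # legitimate route
    ("203.0.113.0/25", 64511, [64511]),   # more-specific sub-prefix from a different AS
]

def select_route(dest_ip, announcements):
    """Longest-prefix match: the most specific announced prefix covering dest_ip wins.
    This is why a /25 from the wrong AS pulls traffic away from the legitimate /24."""
    ip = ipaddress.ip_address(dest_ip)
    best = None
    for prefix, origin, path in announcements:
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, origin, path)
    return best

def detect_hijacks(announcements, expected):
    """Flag announcements that fall inside a prefix with a known legitimate origin but are
    originated by another AS: a 'more-specific' hijack if the prefix is longer than the
    known one, an 'origin' hijack if it is the same prefix from a different origin."""
    alerts = []
    for prefix, origin, path in announcements:
        net = ipaddress.ip_network(prefix)
        for known, legit_origin in expected.items():
            known_net = ipaddress.ip_network(known)
            if net.subnet_of(known_net) and origin != legit_origin:
                kind = "more-specific" if net.prefixlen > known_net.prefixlen else "origin"
                alerts.append({"prefix": prefix, "origin": origin,
                               "expected": legit_origin, "kind": kind})
    return alerts

if __name__ == "__main__":
    print("route for 203.0.113.10:", select_route("203.0.113.10", ANNOUNCEMENTS))
    for alert in detect_hijacks(ANNOUNCEMENTS, EXPECTED_ORIGINS):
        print("ALERT:", alert)
```

A real monitor would source the expected-origin table from RPKI ROAs or IRR records and feed it live announcements from route collectors; the selection and comparison logic is the same.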