Tech Giants’ Traffic Redirected Through Russia

Rengar

Jan 6, 2017
Several major tech names had their cloud traffic redirected through a Russian ISP.
In one of the strangest “we have nothing to fear from Russian hacking” events this month, several major tech names had their cloud traffic redirected through a Russian provider. The brief but allegedly intentional event affected companies like Apple, Facebook, Google, and Microsoft.

According to Roger Fingas for AppleInsider, “The incident involved the Border Gateway Protocol, or BGP, which funnels high-level traffic through nodes like internet backbones, according to Ars Technica, citing reports by monitoring services BGPMon and Qrator Labs. BGPMon recorded two three-minute hijacks, affecting 80 address blocks in total. Qrator Labs said the incident spanned two hours, with the number of address blocks fluctuating between 40 and 80.”



There’s more…
It gets weirder. BGPMon released a post that said the Russian Autonomous System that announced the very specific profiles belonging to the handful of tech giants goes completely unused and silent. This hijacking is only the second time in many years that the system has begun announcing prefixes at all, coming the day before the US FCC’s net neutrality repeal vote.

Andree Toonk for BGPMon noted, “What makes this incident suspicious is the prefixes that were affected are all high profile destinations, as well as several more specific prefixes that aren’t normally seen on the Internet. This means that this isn’t a simple leak, but someone is intentionally inserting these more specific prefixes, possibly with the intent to attract traffic.”

Sounds familiar
As Ars Technica has pointed out concerning this event, it follows only eight months after significant traffic from major financial institutions like Mastercard and Visa was intentionally hijacked and rerouted through Russia-controlled providers. In that event, even if the information was encrypted, hackers or state-sponsored operatives could follow the path back to smaller businesses or even individuals whose security protocols might not be as secure.

In these latest incidents, it is known that other entities were able to latch onto the prefixes that were broadcast.
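
A monitoring check for the pattern BGPMon describes above (more-specific prefixes announced by an origin that does not normally originate them), written as an added example that is not part of the original post or of BGPMon's tooling. The baseline, the updates and the AS numbers are constructed from documentation ranges, and the verdict names are assumptions.

```python
import ipaddress

# Constructed baseline: prefix -> expected origin AS (documentation ranges only).
BASELINE = {
    "198.51.100.0/24": 64496,
    "203.0.113.0/24": 64497,
    "2001:db8::/32": 64498,
}

# Constructed BGP updates as (announced prefix, origin AS) pairs.
SAMPLE_UPDATES = [
    ("198.51.100.0/24", 64496),    # matches the baseline
    ("198.51.100.128/25", 64511),  # more specific, unexpected origin
    ("203.0.113.0/24", 64511),     # same prefix, unexpected origin
    ("2001:db8:1::/48", 64498),    # more specific, usual origin
    ("192.0.2.0/24", 64500),       # not covered by the baseline
]


def classify(prefix, origin, baseline=BASELINE):
    """Classify one announcement against the longest covering baseline prefix."""
    net = ipaddress.ip_network(prefix, strict=True)
    best = None
    for known, expected in baseline.items():
        known_net = ipaddress.ip_network(known)
        # subnet_of() raises TypeError across IP versions, so compare versions first.
        if known_net.version != net.version or not net.subnet_of(known_net):
            continue
        if best is None or known_net.prefixlen > best[0].prefixlen:
            best = (known_net, expected)
    if best is None:
        return ("unmonitored", None)
    known_net, expected = best
    more_specific = net.prefixlen > known_net.prefixlen
    if origin != expected:
        verdict = "more-specific-foreign-origin" if more_specific else "origin-mismatch"
    else:
        verdict = "more-specific-same-origin" if more_specific else "ok"
    return (verdict, str(known_net))


def alerts(updates, baseline=BASELINE):
    """Return only the announcements that need an operator's attention."""
    results = [(p, o, *classify(p, o, baseline)) for p, o in updates]
    return [r for r in results if r[2] not in ("ok", "unmonitored")]


if __name__ == "__main__":
    for prefix, origin, verdict, covering in alerts(SAMPLE_UPDATES):
        print(f"{verdict:30} {prefix:20} AS{origin} (inside {covering})")
```

The more-specific case matters most because routers prefer the longest matching prefix, so a /25 inside a monitored /24 attracts traffic even while the legitimate /24 is still announced.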
 

Prorootect

Nov 5, 2011
ALL your base are belong to RUSSIA
Madness Assault.jpg

- this is reality. And there's nothing you can do about it.:devil:

..

- you see, it's evil that says this...
then then

_______________

base_cats1.jpg


Cloud: All Your Base (data, work, time, thoughts) Belong to Us.

- This is reality.
 