Web Traffic Hijack Puts Major Sites at Risk

Monday, December 17, 2018
Hole in the internet's routing system sends traffic to the wrong parts of the world

A flaw in the internet routing system is being used to hijack traffic and send it through various countries, including China and Russia.

The Border Gateway Protocol (BGP) is a key element in linking the internet's various networks and managing the way traffic moves between geographical areas. However, a system flaw allows any relevant network controller to make changes to the way traffic is directed, and poses a serious threat, according to experts.

"I suspect it's been happening for a while, but with organizations now taking a greater interest in routing it's becoming more apparent," said Alan Woodward, a cybersecurity computer science professor at the University of Surrey.

"China has a reputation for hoovering up as much data as it can access, which might explain why it is seen as being behind these incidents, but to be fair we have seen Russia as an unusual routing destination before too," Woodward said.

"It is not just about nations or criminals hoovering up traffic, although this is a major motivation. I suspect we have seen some criminals use it as a means of curing illegal activities."

Google and several major services it hosts were severely disrupted in November when some of its traffic was abortively routed through China.

Researchers at Oracle also showed that cases of misdirection had been ongoing for several months due to the way China Telecom nodes in the US were configured during an attack. Other examples have been seen in Iran, Italy and China.

China Telecom has already relatively seamlessly hijacked domestic US and cross-US traffic and redirected it to China over days, weeks and months.
The pattern of traffic revealed in traceroute research suggests repetitive IP hijack attacks committed by China Telecom.
While one may argue such attacks can always be explained by normal BGP behavior, these in particular suggest malicious intent because of their unusual transit characteristics.

Flawed system

BGP links the internet's autonomous systems, with each network identified by an autonomous system number (ASN), which lays out how traffic arriving at and leaving the network is routed.

In theory, it should always mean traffic goes the shortest and fastest route, but anyone with access to the ASN can make changes that are instantly updated and become part of the web's A-Z.

The problem is that once updated, it is propagated across the internet and implicitly trusted. It was always presumed when designed that there would be no reason not to trust it.
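
Because updates are trusted implicitly, operators watch how their own prefixes are announced. The following is an added example, not part of the original article: it checks observed announcements against a baseline of expected origins and flags wrong origins, more-specific prefixes and unexpected transit networks. The prefixes, AS numbers and the transit policy are constructed values from the documentation ranges.

```python
import ipaddress

# Constructed baseline: monitored prefixes and the AS expected to originate each.
# Prefixes are documentation ranges (RFC 5737), ASNs documentation ASNs (RFC 5398).
EXPECTED = {
    ipaddress.ip_network("203.0.113.0/24"): 64496,
    ipaddress.ip_network("198.51.100.0/24"): 64497,
}
# Hypothetical policy: ASes that should never carry traffic toward these prefixes.
UNEXPECTED_TRANSIT = {64511}


def check_announcement(prefix, as_path):
    """Return findings for one observed announcement (as_path ends at the origin AS)."""
    if not as_path:
        raise ValueError("AS path must contain at least the origin AS")
    net = ipaddress.ip_network(prefix)
    origin, transit = as_path[-1], set(as_path[:-1])
    findings = []
    for known, expected_origin in EXPECTED.items():
        # Only announcements covering (part of) a monitored prefix are relevant.
        if net.version != known.version or not net.subnet_of(known):
            continue
        if origin != expected_origin:
            findings.append("origin-mismatch")     # someone else claims the prefix
        if net.prefixlen > known.prefixlen:
            findings.append("more-specific")       # longer prefix wins route selection
        if transit & UNEXPECTED_TRANSIT:
            findings.append("unexpected-transit")  # path detours via a flagged AS
    return findings


def scan(updates):
    """Map each suspicious (prefix, path) to its findings; clean routes are omitted."""
    flagged = {}
    for prefix, path in updates:
        findings = check_announcement(prefix, path)
        if findings:
            flagged[(prefix, tuple(path))] = findings
    return flagged


if __name__ == "__main__":
    # Constructed sample feed of (prefix, AS path) pairs as seen by a route collector.
    sample = [("203.0.113.0/24", [64500, 64499, 64496]),
              ("203.0.113.0/25", [64500, 64510]),
              ("198.51.100.0/24", [64500, 64511, 64497])]
    for key, findings in scan(sample).items():
        print(key, findings)
```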
