For 18 Minutes in April, China Hijacked 15% of the World’s Internet Traffic
November 17th, 2010Via: National Defense Magazine:
For 18 minutes in April, China’s state-controlled telecommunications company hijacked 15 percent of the world’s Internet traffic, including data from U.S. military, civilian organizations and those of other U.S. allies.
This massive redirection of data has received scant attention in the mainstream media because the mechanics of how the hijacking was carried out and the implications of the incident are difficult for those outside the cybersecurity community to grasp, said a top security expert at McAfee, the world’s largest dedicated Internet security company.
In short, the Chinese could have carried out eavesdropping on unprotected communications — including emails and instant messaging — manipulated data passing through their country or decrypted messages, Dmitri Alperovitch, vice president of threat research at McAfee said.
Nobody outside of China can say, at least publicly, what happened to the terabytes of data after the traffic entered China.
The incident may receive more attention when the U.S.-China Economic and Security Review Commission, a congressional committee, releases its annual report on the bilateral relationship Nov. 17. A commission press release said the 2010 report will address “the increasingly sophisticated nature of malicious computer activity associated with China.”
Said Alperovitch: “This is one of the biggest — if not the biggest hijacks — we have ever seen.” And it could happen again, anywhere and anytime. It’s just the way the Internet works, he explained. “What happened to the traffic while it was in China? No one knows.”
The telephone giants of the world work on a system based on trust, he explained. Machine-to-machine interfaces send out messages to the Internet informing other service providers that they are the fastest and most efficient way for data packets to travel. For 18 minutes April 8, China Telecom Corp. told many ISPs of the world that its routes were the best paths to send traffic.
For example, a person sending information from Arlington, Va., to the White House in Washington, D.C. — only a few miles away — could have had his data routed through China. Since traffic moves around the world in milliseconds, the computer user would not have noticed the delay.
This happens accidentally a few times per year, Alperovitch said. What set this incident apart from other such mishaps was the fact that China Telecom could manage to absorb this large amount of data and send it back out again without anyone noticing a disruption in service. In previous incidents, the data would have reached a dead end, and users would not have been able to connect.
Having been a top engineer at a nationwide ISP in a former life, I think this is much more likely a case of someone fat-fingering something into a BGP configuration change than anything nefarious. I’m willing to be wrong, though.
yeah, sounds like its time for our two minute hate, comrade…
@ ronjondoe,
Well, it’s not always about ‘hate’. One might simply wish to be aware of wrinkles in the big picture.
@Crates, I was being somewhat cynical…I get the feeling this is being over-blown to maintain that ‘they evil, we good’ vibe Big Brother gives us, the never-ending battle between Oceania and Eastasia must go on, comrade…Like @Mike said, it could be a total hoax manipulated in Newspeak to foment that mindset…
It sounds like it might be organized crime. Goodness knows what information the crooks gleaned from the fishing expedition they went on. I don’t imagine most of the data would be of any use to the Chinese government or even crooks for that matter. Let’s face facts most of the data hijacked such as your email to your grandma about Grandpas surprise 80th birthday party would not interest Chinese intelligence services.