Russian telecom accused of 'hijacking' web traffic intended for Google, Amazon, and more

Polycount

In brief: Russia has been blamed for plenty of cyberattacks in the past, and we're seeing another example of that now. Web traffic intended for over 200 content delivery networks (including those owned by Digital Ocean, Google, and Amazon) was reportedly hijacked and routed through a Russian telecom's servers last week.

The hijacking managed to impact "more than 8,800 internet traffic routes," according to ZDNet. We're not entirely sure what the purpose of the hijack was -- or even if it was malicious at all -- but it allegedly lasted about an hour.

Some believe the Russian telecommunications firm behind this situation, known as Rostelecom, used a BGP hijack to accomplish this feat. BGP hijacking is the "malicious rerouting" of internet traffic that exploits the "trusting nature" of the internet's Border Gateway Protocol. Cloudflare has an excellent write-up that describes this type of hijack in more detail, but the following excerpt sums it up nicely:

When an AS [an autonomous system managed by a single organization] announces a route to IP prefixes that it does not actually control, this announcement, if not filtered, can spread and be added to routing tables in BGP routers across the Internet. From then until somebody notices and corrects the routes, traffic to those IPs will be routed to that AS.

Again, we can't say with certainty that Rostelecom did this intentionally. As ZDNet points out, mistakes can happen, and all it would take for a situation like this to unfold is a human operator "mistyping" an AS number. However, the outlet also notes that Rostelecom has been linked to similar events in the past, which could imply a pattern of misbehavior at worst or incompetence at best.

Regardless, for the time being, no concrete damage has been proven. Rostelecom may have logged the rerouted traffic, but we can't be sure what it will do with the information, if anything. Either way, some skepticism is certainly warranted here, and it's no secret that Russia has stepped up its cyber warfare game over the past few years.

Russian ISPs are legally obligated to keep data of every user and make being anonymous as hard as possible for users. No wonder they are trying to have complete control over internet users.

The government is living in the 80s, where if you're scared of something, you need to control it even if you don't understand it. BTW, this is a reason why the Russian special service is blocking "dangerous" websites by IP, which is pretty idiotic.
 