Russian telecom accused of 'hijacking' web traffic intended for Google, Amazon, and more
Rostelecom was linked to a recent 'BGP hijack'By Cohen Coberly
In brief: Russia has been blamed for plenty of cyberattacks in the past, and we're seeing another example of that now. Web traffic intended for over 200 content delivery networks (including those owned by Digital Ocean, Google, and Amazon) was reportedly hijacked and routed through a Russian telecom's servers last week.
The hijacking managed to impact "more than 8,800 internet traffic routes," according to ZDNet. We're not entirely sure what the purpose of the hijack was -- or even if it was malicious at all -- but it allegedly lasted about an hour.
Some believe the Russian telecommunications firm behind this situation, known as Rostelecom, used a BGP hijack to accomplish this feat. BGP hijacking is the "malicious rerouting" of internet traffic that exploits the "trusting nature" of the internet's Border Gateway Protocol. Cloudflare has an excellent write-up that describes this type of hijack in more detail, but the following excerpt sums it up nicely:
When an AS [an autonomous system managed by a single organization] announces a route to IP prefixes that it does not actually control, this announcement, if not filtered, can spread and be added to routing tables in BGP routers across the Internet. From then until somebody notices and corrects the routes, traffic to those IPs will be routed to that AS.
Again, we can't say with certainty that Rostelecom did this intentionally. As ZDNet points out, mistakes can happen, and all it would take for a situation like this to unfold is a human operator "mistyping" an AS number. However, the outlet also notes that Rostelecom has been linked to similar events in the past, which could imply a pattern of misbehavior at worst or incompetence at best.
Regardless, for the time being, no concrete damage has been proven. Rostelecom may have logged the rerouted traffic, but we can't be sure what it will do with the information, if anything. Either way, some skepticism is certainly warranted here, and it's no secret that Russia has stepped up its cyber warfare game over the past few years.