Traffic Hijacking
Adware | 11/15/2018

Google Services- lost in transit or lost in translation?

About: Services from Google become temporarily unavailable for around 2 hours as users were misdirected to convoluted path through Network providers from Nigeria, China and Russia. The issue was resolved by Google after 74 minutes, however what happened exa...  Read More  

| Adware | Google Services- lost in transit or lost in translation?

According to a News report by the Wall Street Journal, some of the web services provided by the internet Giant Google were temporarily unavailable for nearly 2 hours on 12thNovember 2018.

 

The users trying to reach Google Services were rerouted to a sinuous path through operators existing in Russia, China and Nigeria.

 

A Google spokesman wrote that a portion of web traffic was impacted due to incorrect routing of IP addresses, and passage to Google Services was affected. The issue was resolved at 2:35 pm on Monday and services began to operate as expected.

 

However, the root cause of BGP Traffic Hijacking was external to Google and what exactly happened remains obscure.

Insight of Traffic Hijacking

 

The issue was first noticed by a network monitoring company, ThousandEyes, when they could not connect to Google’s G suite & incorrect routing instructions redirected them to Russian network operator TransTelekom, China Telecom & Nigerian Network provider, MainOne.

 

The issue became crucial when the entire web traffic dropped after landing at a router connected to China’s Telecom Framework, a government-owned provider. Following the drop, the issue caused a colossal Denial of Service (DoS).

Traffic Temp1

The nature of traffic misdirection engaged is known as Border Gateway Protocol Hijacking. The bgp hijacking can knock crucial & vital services offline and simplify cyber-espionage and financial theft.

 

The Border Gateway Protocol Hijacking can result either from human error, misconfiguration or from malevolent action.

 

The Nigerian Telecom Company accepted via Twitter that the rerouting was an error that occurred during a network upgrade due to misconfiguration on their Border Gateway Protocol. The MainOne leaked 212 prefixes to China Telecom which led to Traffic Hijacking and dropping.

 

Alex Henthorn-Iwane, a networking executive at ThousandEyes said that the Traffic Hijacking that took place on 12th November 2018 was worst that his San Francisco based company has seen so far.

Traffic Temp2

In addition to that he doubted a nation-state involvement behind BJP Hijack as the traffic dramatically landed at a government-owned provider, China Telecom. According to a recent study by U.S Naval War College, scholars have revealed that China methodically hijacks & diverts U.S. web traffic.

Conclusion

 

In the contemporary era, internet has become one of the world’s primary geopolitical battlefields, which has ultimately made the global web traffic routing systems vulnerable to threats. The independence and neutrality of Border Gateway Protocol providers is not always a certain matter.

 

In contrary to that, Google told the Wall Street Journal that they could not find any reason to define the incidence as a malicious one. ThousandEyes conceded in a blog post that the incidence could have been a technical glitch pertaining to Border Gateway Protocol Routing peering agreement between providers from Nigeria and China.

 

However, it has been disputed that Border Gateway Protocol needs to upgrade its security solution by making amendments in its filtering & verification mechanism. The upgrade would aid in protecting the traffic against both intentional & unintentional mishaps.

Hits: 115

Leave a Reply

Your email address will not be published. Required fields are marked *

Did you find the article informative? Yes NO

Get Regular Updates Related to All the Threats

Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.

Virus Removal Guidelines
Plot No 319, Nandpuri- B Pratap Nagar
Jaipur
Rajasthan 302033
Phone: +91 9799661866