Monday, November 10, 2014

WTF, Russia’s domestic Internet traffic mysteriously passes through Chinese routers


This is significant news...this means the BRICS are now separating their Internet traffic to their own networks outside the US/UK/EU controlled networks...  This is not accidental.  It's starting...  -AK

Unexplained diversion underscores insecurity of Net's global routing system.

by Dan Goodin - Nov 9 2014, 6:00pm WET

Domestic Internet traffic traveling inside the borders of Russia has repeatedly been rerouted outside of the country under an unexplained series of events that degrades performance and could compromise the security of Russian communications.

The finding, reported Thursday in a blog post published by Internet monitoring service Dyn, underscores the fragility of the border gateway protocol (BGP), which forms the underpinning of the Internet's global routing system. In this case, domestic Russian traffic was repeatedly routed to routers operated by China Telecom, a firm with close ties to that country's government. When huge amounts of traffic are diverted to far-away regions before ultimately reaching their final destination, it increases the chances hackers with the ability to monitor the connections have monitored or even altered some of the communications. A similar concern emerged last year, when Dyn found big chunks of traffic belonging to US banks, government agencies, and network service providers had been improperly routed through Belarusian or Icelandic service providers.

The hijacking of Russian traffic is linked to last year's peering agreement between Russian mobile provider Vimpelcom and China Telecom. [...then it's not hijacking, is it? It's planned! -AK] The pact allowed the firms to save money by having some of their traffic carried over the other's network rather than through a more expensive transit operator.

On multiple occasions since then, according to Dyn, communications destined for Russia have followed extremely roundabout routes that take the traffic into China before sending it on to its final stop. Doug Madory, director of internet analysis at Dyn, wrote:

Even Internet paths from Moscow to other parts of Russia were forced through China Telecom’s routers. In the following example, a traceroute from Moscow is taken by Vimpelcom to Frankfurt, handed over to China Telecom’s routers in Frankfurt and, (mercifully) redirected back into Russia via Megafon without getting directed out to Shanghai. (This diversion of domestic Russian traffic is illustrated in the graphic at the beginning of this blog.)

trace from Moscow, Russia to Yaroslavl, Russia at 13:13 Aug 05, 2014
1 *
2 (Vimpelcom, Moscow, RU) 0.542ms
3 37.006ms
4 39.505ms
5 41.481ms
6 42.227ms
7 42.894ms
8 41.528ms
9 42.707ms
10 *
11 (MegaFon, Volga,RU) 49.992ms
12 50.301ms
13 (NETIS Telecom, Yaroslavl’, RU) 54.769ms

BGP is such a complex framework that improper routing of this type can often be the result of human error by engineers acting in good faith. But the same complexity and lack of security can just as easily be abused by hackers, government snoops, or vandals. Madory recommends that operators of large networks carefully monitor the routes their traffic traverses and filter the routes they receive. "Without both measures, your traffic could be easily misdirected, potentially hurting both the performance and security of your Internet communications," he warned.

Article updated to edit headline.
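
Added example (not from Dyn or the article): a heuristic check in the spirit of Madory's advice to monitor the routes traffic traverses, run over the trace text shown above. The function names and the 20 ms threshold are assumptions, and a large RTT jump on a same-country path is only a hint that the path leaves the region, not proof of a misrouted prefix.

```python
import re
from itertools import takewhile

# Trace text as it appears on this page (hop addresses are not shown there).
TRACE = """\
1 *
2 (Vimpelcom, Moscow, RU) 0.542ms
3 37.006ms
4 39.505ms
5 41.481ms
6 42.227ms
7 42.894ms
8 41.528ms
9 42.707ms
10 *
11 (MegaFon, Volga,RU) 49.992ms
12 50.301ms
13 (NETIS Telecom, Yaroslavl’, RU) 54.769ms
"""
HOP = re.compile(r"^(\d+)\s+(?:\((.+)\)\s+)?(?:([\d.]+)ms|\*)$")

def parse_trace(text):
    """Return (hop, country or None, rtt_ms or None) for each trace line."""
    hops = []
    for line in text.strip().splitlines():
        m = HOP.match(line.strip())
        if not m:
            continue  # ignore lines that are not hop records
        label, rtt = m.group(2), m.group(3)
        country = label.split(",")[-1].strip() if label else None
        hops.append((int(m.group(1)), country, float(rtt) if rtt else None))
    return hops

def find_detour(hops, max_jump_ms=20.0):
    """Flag a same-country path whose RTT jumps sharply between two hops."""
    labelled = [c for _, c, _ in hops if c]
    domestic = len(labelled) >= 2 and labelled[0] == labelled[-1]
    answered = [h for h in hops if h[2] is not None]  # drop '*' timeouts
    jumps = []
    for (a, _, ra), (b, _, rb) in zip(answered, answered[1:]):
        if rb - ra > max_jump_ms:
            # Responding hops from the jump up to the next labelled hop.
            tail = [h for h in answered if h[0] >= b]
            blind = [n for n, _, _ in takewhile(lambda h: h[1] is None, tail)]
            jumps.append((a, b, round(rb - ra, 3), blind))
    return {"domestic": domestic, "suspect": domestic and bool(jumps), "jumps": jumps}
```

On the page's trace this reports one jump, between hops 2 and 3, followed by the run of unlabelled hops that precedes the MegaFon hop.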
