Some internet traffic was diverted for an hour last week via Rostelecom, the Russian state provider and censor.
It is not clear whether this was a deliberate hijack or a configuration error.
The incident involved more than 8800 internet routes carrying traffic that was intended for two hundred content providers and cloud hosting companies.
Traffic from Google, Amazon, Facebook, Akamai, Cloudflare, GoDaddy and LeaseWeb, among others, was diverted for an hour via Rostelecom, tech site ZDNet reports.
The traffic was diverted via modified Border Gateway Protocol (BGP) routes, with the Russian network falsely announcing that specific server IPs belonged to it.
BGP routes are vulnerable because participating networks can ‘claim’ individual IPs. When that is done deliberately, it is called a ‘man-in-the-middle’ attack. Providers could, for example, divert traffic to spy on the data streams.
Since the introduction of HTTPS, which sends traffic over the network in encrypted form, this has become much less common. Because the protocols are so sensitive, it also occasionally happens ‘accidentally’.
For example, at the end of 2018, a diversion of internet traffic via China and Russia temporarily shut down Google’s services. In that case, it was probably a configuration error. Whether this latest diversion is a hijack or an error is not clear at this time.