Connect with us

Hacker News

Traffic Hijacking Makes Google Services Unreachable

Published

on

Traffic Hijacking Makes Google Services Unreachable

On Monday 12 November services from Google were rendered unavailable for around two hours after a traffic hijacking incident. Users trying to reach the services were guided through operators in Russia and Nigeria before hitting the Great Firewall of China.

The normal traffic route was changed after Google prefixes were leaked to China Telecom.

ThousandEyes, a network monitoring company first noticed the issues when its offices couldn’t connect to Google’s G Suite products. The issues became more serious when all the traffic dropped after reaching a router connected to China Telecom’s infrastructure.

They also noticed that TransTelecom was on the path, a Russian ISP. This prompted them to investigate further.

ThousandEyes reported:

Our analysis indicates that the origin of this leak was the BGP peering relationship between MainOne, the Nigerian provider, and China Telecom. MainOne has a peering relationship with Google via IXPN [Internet Exchange Point] in Lagos and has direct routes to Google, which leaked into China Telecom.

It is thought that at the very minimum, the issues caused a massive denial of service (DoS).

BGP is a solution that helps route traffic to specific destinations through autonomous systems. The solution was designed in the 80s and is vulnerable to traffic hijacking. Some of these misdirected traffic issues can be accidental when a company makes a mistake with the routing. However, it can also be a malicious attack. It is thought that this incident is a traffic hijacking attack.

Until further investigation is carried out, we won’t know the origins of the issue, or whether it was intentional with any certainty, although it looks this way. It’s been argued that BGP needs to advance its security solution by implementing a verification and filtering mechanism.

We will provide any updates on this story as and when they come in.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *