China Telecom recently hijacked and re-routed a “significant portion” of Internet traffic – including data from the US military, civilian organizations, commercial entities and government networks.
According to McAfee researcher Dmitri Alperovitch, the incident occurred at approximately 15:54 GMT on April 8, 2010.
“E-mails, instant messages and VoIP calls could have been intercepted and logged, data could have also been changed as it was passing through the country as well. The possibilities are numerous and troubling, but definitive answers are unknown,” Alperovitch explained.
“[Of course], it is also unclear whether the incident was deliberate. This is one of the biggest routing hijacks we have ever seen, and it could happen again since a number of major telecommunications companies routing a lot of Internet traffic have the same capability.”
Alperovitch also noted that the above-mentioned incident differed significantly from accidental hijacking events, as China Telecom was able to quietly absorb large amounts of the data without any obvious disruption to service.
“The incident took advantage of the vulnerabilities in the design of Internet’s fundamental building blocks, namely its routing protocols. Not only can this problem happen again, but it probably will.
“[Obviously], we have no way of knowing whether this event was done with malicious intent in mind or was an accidental failure as China Telecom operators have suggested, but it’s clear that with this capability demonstrated publicly, sooner or later someone will use it for nefarious purposes,” he added.
