[LINK] All your internets are belong to us

[Kim Holburn]

Story in Slashdot April:
http://tech.slashdot.org/story/10/04/09/1930220/Chinese-ISP-Hijacks-the-Internet-Again
> "For the second time in two weeks, bad networking information spreading from China has disrupted the Internet. On Thursday morning, bad routing data from a small Chinese ISP called IDC China Telecommunication was re-transmitted by China's state-owned China Telecommunications, and then spread around the Internet, affecting Internet service providers such as AT&T, Level3, Deutsche Telekom, Qwest Communications, and Telefonica. 'There are a large number of ISPs who accepted these routes all over the world,' said Martin A. Brown, technical lead at Internet monitoring firm Renesys. Brown said the incident started just before 10 am Eastern and lasted about 20 minutes. During that time the Chinese ISP transmitted bad routing information for between 32,000 and 37,000 networks, redirecting them to IDC instead of their rightful owners. These networks included about 8,000 US networks, including those operated by Dell, CNN, Starbucks, and Apple. More than 8,500 Chinese networks, 1,100 in Australia, and 230 owned by France Telecom were also affected."


http://it.slashdot.org/story/10/11/16/1838223/For-18-Minutes-15-of-the-Internet-Routed-Through-China
> "For 18 minutes this past April, 15% of the world's internet traffic was routed through servers in China. This includes traffic from both .gov and .mil US TLDs."


http://www.nationaldefensemagazine.org/blog/Lists/Posts/Post.aspx?ID=249#

> Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet Traffic
> For 18 minutes in April, China’s state-controlled telecommunications company hijacked 15 percent of the world’s Internet traffic, including data from U.S. military, civilian organizations and those of other U.S. allies.
> 
> This massive redirection of data has received scant attention in the mainstream media because the mechanics of how the hijacking was carried out and the implications of the incident are difficult for those outside the cybersecurity community to grasp, said a top security expert at McAfee, the world’s largest dedicated Internet security company.
> 
> In short, the Chinese could have carried out eavesdropping on unprotected communications — including emails and instant messaging — manipulated data passing through their country or decrypted messages, Dmitri Alperovitch, vice president of threat research at McAfee said.
> 
> Nobody outside of China can say, at least publicly, what happened to the terabytes of data after the traffic entered China.
> 
> The incident may receive more attention when the U.S.-China Economic and Security Review Commission, a congressional committee, releases its annual report on the bilateral relationship Nov. 17. A commission press release said the 2010 report will address “the increasingly sophisticated nature of malicious computer activity associated with China.”
> 
> Said Alperovitch: “This is one of the biggest — if not the biggest hijacks — we have ever seen.” And it could happen again, anywhere and anytime. It’s just the way the Internet works, he explained. “What happened to the traffic while it was in China? No one knows.”



-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request