A new report by the U.S.-China Economic and Security Review Commission states that on April 8, 2010, the company China Telecom somehow diverted 15 percent of the world's Internet traffic through Chinese servers for 18 minutes. Much of the traffic was going to or from U.S. government and military sites, including the Web sites of NASA, the Senate, the Army, the Navy, the Air Force, and the Marine Corps. While the incident had been reported before, this is the first acknowledgment that American government sites were affected. It's not clear whether China Telecom meant to do this, or what, if anything, happened to the redirected data, and a spokesperson for the company has denied "any hijack of internet traffic."
Which Sites Were Affected: According to a draft of the report obtained by ABC News, "This incident affected traffic to and from U.S. government ('.gov') and military ('.mil') sites, including those for the Senate, the army, the navy, the marine corps, the air force, the office of secretary of Defense, the National Aeronautics and Space Administration, the Department of Commerce, the National Oceanic and Atmospheric Administration, and many others. Certain commercial websites were also affected, such as those for Dell, Yahoo!, Microsoft, and IBM."
What We Still Don't Know: Reuters reports that "the commission said it was unclear whether the hijacking was intentional or whether any data was collected or stopped, or if the massive amount of data affected concealed a targeted attack."
No Evidence It Was Intentional: Daniel Shane at Information Age balks at the term "hijacking," calling the incident "a technical error by China's largest telecommunications provider." Shane does point out that there's precedent for malicious activities: "In January of this year, search engine company Google revealed that it and other major US corporations had been the victim of a 'highly sophisticated and targeted attack' originating from China. The attack exploited vulnerabilities in Microsoft's Internet Explorer and is believed to have been aimed at accessing the email accounts of Chinese human rights activists."
This Kind of Thing Could Easily Happen Every Day, points out George Ou at Digital Society. Ou explains that the Border Gateway Protocol, the routing mechanism that directs traffic around the Web, "is a fundamental building block of the Internet," and "like most other fundamental building blocks of the Internet, it was initially implemented with no security in mind and it continues to live without security because changes on the Internet are so difficult on a living system that doesn't tolerate outages." Ou goes on to list some other basic components of the Internet that have easily exploitable security failings. About the April incident, he writes that "some of the specific routes could have been patched through for data theft and the massive outage was merely a cover, but it's difficult to know for sure what really happened. US government officials claim that their traffic was encrypted so they have nothing to fear."
This article is from the archive of our partner The Wire.