In a new paper published in the journal Military Cyber Affairs, researchers from the US Naval War College and Tel Aviv University document the use of BGP spoofing by China Telecom to redirect massive swathes of internet traffic through the company's routers as part of state military and commercial espionage efforts.
BGP is a notoriously insecure protocol used to route internet traffic. By design it is dynamic and responsive, moving traffic away from congested routes and onto those with more capacity; this flexibility can be exploited to force traffic to route through surveillance chokepoints, as well as for censorship (publishing BGP routes to censored services that dead-end in nonexistent addresses is a common technique in repressive regimes).
The researchers logged global BGP route announcements and discovered China Telecom publishing bogus routes that sucked up massive amounts of Canadian and US traffic and pushed it through Chinese listening posts. Much of today's internet traffic is still unencrypted, meaning that the entities monitoring these listening posts would have been able to read massive amounts of emails, instant messages and web-sessions.
China Telecom's BGP attacks were also used to black-hole traffic in some instances (for example, traffic from an "Anglo-American bank's" branch in Milan was diverted wholesale to China, never arriving at its intended destination).
After the traffic was copied by China Telecom for encryption breaking and analysis, it was delivered to the intended networks with only small delays, Demchak and Shavitt said.
Such hijacking is difficult to detect as China Telecom has multiple points of presence (PoPs) in North America and Europe that are physically close to the attacked networks, causing almost unnoticeable traffic delivery delays despite the lengthened routes.
China in comparison does not allow overseas telcos to establish PoPs in the country, and has only three gateways into the country, in Beijing, Shanghai and Hong Kong. This isolation protects the country's domestic and transit traffic from foreign hijacking.
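Because the added latency is small, the route announcements themselves are the more reliable signal for a network operator. The following is an added example, not code from the paper or the articles linked here: a simplified check of logged announcements against a baseline of expected origins and transit networks. The baseline, the sample announcements, and all ASNs and prefixes (taken from documentation ranges) are constructed for illustration.

```python
import ipaddress

# Constructed baseline: monitored prefixes, their expected origin AS, and the
# transit ASes normally seen on paths toward them (documentation ASNs/prefixes).
BASELINE = {
    "198.51.100.0/24": {"origin": 64500, "transit": {64496, 64497}},
    "203.0.113.0/24": {"origin": 64501, "transit": {64496}},
}

# Constructed sample log: (announced prefix, AS path); the origin AS is last.
ANNOUNCEMENTS = [
    ("198.51.100.0/24", [64496, 64500]),         # matches baseline
    ("198.51.100.0/24", [64496, 64510]),         # different origin AS
    ("198.51.100.128/25", [64497, 64500]),       # more-specific of a monitored prefix
    ("203.0.113.0/24", [64496, 64511, 64501]),   # right origin, unfamiliar transit AS
    ("192.0.2.0/24", [64496, 64502]),            # not a monitored prefix
]

def classify(prefix, as_path, baseline=BASELINE):
    """Return a list of findings for one announcement (empty list means clean)."""
    net = ipaddress.ip_network(prefix)
    findings = []
    for base_prefix, expected in baseline.items():
        base = ipaddress.ip_network(base_prefix)
        if net.version != base.version or not net.subnet_of(base):
            continue  # announcement does not cover this monitored prefix
        if net.prefixlen > base.prefixlen:
            # A longer prefix wins route selection over the baseline route.
            findings.append("more-specific")
        origin = as_path[-1]
        if origin != expected["origin"]:
            findings.append("origin-mismatch")
        # Ignore the origin itself so AS-path prepending is not flagged.
        unexpected = set(as_path[:-1]) - expected["transit"] - {origin}
        if unexpected:
            findings.append("unexpected-transit:" + ",".join(map(str, sorted(unexpected))))
    return findings

def scan(announcements):
    """Map each flagged announcement to its findings."""
    flagged = {}
    for prefix, path in announcements:
        findings = classify(prefix, path)
        if findings:
            flagged[(prefix, tuple(path))] = findings
    return flagged
```

A finding here is a prompt for review rather than proof of a hijack, since legitimate traffic engineering and new peering arrangements also change paths.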
China's Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom's BGP Hijacking [Chris C. Demchak and Yuval Shavitt/Military Cyber Affairs]
China systematically hijacks internet traffic: researchers [Juha Saarinen/IT News]
(via /.)