In a new paper published in the journal Military Cyber Affairs, researchers from the US Naval War College and Tel Aviv University document the use of BGP spoofing by China Telecom to redirect massive swathes of internet traffic through the company's routers as part of state military and commercial espionage efforts.
BGP is a notoriously insecure protocol used to route internet traffic. By design it is dynamic and responsive, moving traffic away from congested routes and onto those with more capacity. This flexibility can be exploited to force traffic to route through surveillance chokepoints, as well as for censorship (publishing BGP routes to censored services that dead-end in nonexistent addresses is a common technique in repressive regimes).
The researchers logged global BGP route announcements and discovered China Telecom publishing bogus routes that sucked up massive amounts of Canadian and US traffic and pushed it through Chinese listening posts. Much of today's internet traffic is still unencrypted, meaning that the entities monitoring these listening posts would have been able to read massive amounts of emails, instant messages and web-sessions.
China Telecom's BGP attacks were also used to black-hole traffic in some instances (for example, traffic from an "Anglo-American bank's" branch in Milan was diverted wholesale to China, never arriving at its intended destination).
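As an added example (not from the paper or the original post), the sketch below shows one way a network operator could check logged route announcements against the origins it expects, flagging wrong-origin announcements, more-specific prefixes and unexpected transit networks. The prefixes, AS numbers, tables and function names are constructed for illustration and use documentation-reserved ranges.

```python
import ipaddress

# Constructed table: prefixes the operator monitors and the AS that should
# originate each one (in practice derived from ROAs or the operator's records).
EXPECTED_ORIGINS = {"192.0.2.0/24": 64500, "198.51.100.0/24": 64501}

# Hypothetical: ASes the operator never expects to carry its traffic.
WATCHED_TRANSIT = {64511}

# Constructed announcements as a route collector would log them:
# (prefix, AS path with the origin AS last).
ANNOUNCEMENTS = [
    ("192.0.2.0/24", [64510, 64500]),            # legitimate
    ("192.0.2.0/24", [64510, 64511]),            # same prefix, wrong origin
    ("198.51.100.128/25", [64510, 64511]),       # more-specific, wrong origin
    ("198.51.100.0/24", [64510, 64511, 64501]),  # right origin, odd transit AS
    ("203.0.113.0/24", [64510, 64502]),          # not a monitored prefix
]


def classify(prefix, as_path, expected=EXPECTED_ORIGINS, watched=WATCHED_TRANSIT):
    """Return a verdict for one announcement against the expected-origin table."""
    net = ipaddress.ip_network(prefix)
    origin = as_path[-1]
    for known, known_origin in expected.items():
        known_net = ipaddress.ip_network(known)
        # Only compare announcements that fall inside a monitored prefix.
        if net.version != known_net.version or not net.subnet_of(known_net):
            continue
        if origin != known_origin:
            # A longer prefix wins route selection, so it is flagged separately.
            return "origin-mismatch" if net == known_net else "more-specific-hijack"
        if watched & set(as_path[:-1]):
            # Origin is correct but the path runs through an unexpected network,
            # the case where traffic is still delivered after the detour.
            return "suspicious-transit"
        return "ok"
    return "unmonitored"


def scan(announcements):
    """Return only the announcements that need an analyst's attention."""
    results = [(p, path, classify(p, path)) for p, path in announcements]
    return [r for r in results if r[2] not in ("ok", "unmonitored")]


if __name__ == "__main__":
    for prefix, path, verdict in scan(ANNOUNCEMENTS):
        print(f"{verdict:22} {prefix:20} path={path}")
```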
After the traffic was copied by China Telecom for encryption breaking and analysis, it was delivered to the intended networks with only small delays, Demchak and Shavitt said.
Such hijacking is difficult to detect as China Telecom has multiple points of presence (PoPs) in North America and Europe that are physically close to the attacked networks, causing almost unnoticeable traffic delivery delays despite the lengthened routes.
China in comparison does not allow overseas telcos to establish PoPs in the country, and has only three gateways into the country, in Beijing, Shanghai and Hong Kong. This isolation protects the country's domestic and transit traffic from foreign hijacking.
China's Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom's BGP Hijacking [Chris C. Demchak and Yuval Shavitt/Military Cyber Affairs]
China systematically hijacks internet traffic: researchers [Juha Saarinen/IT News]
(via /.)