Repeated attacks hijack huge chunks of Internet traffic, researchers warn

  • 21 November 2013

Huge chunks of Internet traffic belonging to financial institutions, government agencies, and network service providers have repeatedly been diverted to distant locations under unexplained circumstances that are stoking suspicions the traffic may be surreptitiously monitored or modified before being passed along to its final destination.

Researchers from network intelligence firm Renesys made that sobering assessment in a blog post published Tuesday. Since February, they have observed 38 distinct events in which large blocks of traffic have been improperly redirected to routers at Belarusian or Icelandic service providers. The hacks, which exploit implicit trust placed in the border gateway protocol used to exchange data between large service providers, affected "major financial institutions, governments, and network service providers" in the US, South Korea, Germany, the Czech Republic, Lithuania, Libya, and Iran.

The ease of altering or deleting authorized BGP routes, or of creating new ones, has long been considered a potential Achilles Heel for the Internet. Indeed, in 2008, YouTube became unreachable for virtually all Internet users after a Pakistani ISP altered a route in a ham-fisted attempt to block the service in just that country. Later that year, researchers at the Defcon hacker conference showed how BGP routes could be manipulated to redirect huge swaths of Internet traffic. By diverting it to unauthorized routers under control of hackers, they were then free to monitor or tamper with any data that was unencrypted before sending it to its intended recipient with little sign of what had just taken place.
 

2 replies

NOT JUST ATTACKS suppress traffic, FRAUDULENT REPORTS SUPPRESS TRAFFIC even more!! Trying to post a Walter Williams article to Facebook, I got a WEBROOT WARNING that the site on which the article was published, namely: LEWROCKWELL.COM, had been reported dangerous. THIS IS A SMALL GOVT, FREE MARKET SITE. So, IT IS OBVIOUS THAT IF SUCH A "REPORT" of a THREAT WAS POLITICAL TERRORISM. . . . Guess Who would make such a FALSE REPORT!! ~snip Removed religious, political comment as per Community Guidelines snip~

There is no Block from WSA and BrightCloud gave the site a 96 Green Check mark. Also, can you use less CAPS, as caps means you're yelling. http://brightcloud.com/tools/url-ip-lookup.php
 
Thanks,
 
TH