By Kevin Coleman – DefenseTech Cyber Warfare Correspondent
Cyber security specialists say they have proof that back in April up to 15 percent of global Internet traffic was hijacked and rerouted through China.
In April, China’s state-controlled telecommunications company redirected this non-trivial portion of the world’s Internet traffic through its information infrastructure. The redirected traffic was said to include information from “U.S. military, civilian organizations and that of U.S. allies.”
What has increased the concern over this incident is the fact that China’s state-controlled telecommunications provider was able to handle this massive amount of traffic/data and continue to retransmit it back out again without anyone having a noticeable slow-down or disruption in the service. Some security experts point out that encryption could not have ensured the integrity of the redirected data.
This is believed to be the first time that the severity of this incident has been publicly discussed. What will the response be from U.S. and other world leaders? One thing is for certain: this is one cyber event worth following closely!
{ 40 comments… read them below or add one }
And their rise is peaceful, they keep saying. I don't trust them!
And we're supposed to trust the American ECHELON system?
Yeah, I trust the good guys before the commies every day of the week.
And once again I ask: why is the military utilizing the same networks as the civilian population? They really should be on a separate limited-access network, so stuff like this can't happen.
Good point and comment.
It's true that there is/are dependencies in that for SOME US Govt unclassified networks they utilize the same commercial infrastructure.
The justification for this decision (over many years) is a) cost and b) the US Govt.'s move to utilize Commercial Off-the-Shelf (COTS) technical solutions.
Agree totally. If you look at the military they seem to enjoy using this logic. These days troops use sensitive items that can be used with simple civilian batteries. Makes it easy for our rudimentary enemies to operate that equipment, which takes away the advantage on the battlefield.
It's nearly impossible to differentiate. At some point you're on a civilian network. Just how it is. Good news is: China and everyone else face the same problem. Believe me, this BS is a two-way street.
If you look closely I'm fairly certain that Admiral Ho there is just checking his Facebook.
Also, given that most internet traffic is pornography, isn't it possible those sex-starved devils were just tapping into some of the finer product of the West? huh huh?
One big part of the problem is that so many of the telecommunication cables in the region go via China. If we and our partners are unwilling to invest in the infrastructure necessary to develop alternative routes, then we shouldn't complain about the Chinese taking advantage of our stupidity.
The network platform the military, navy, airforce, marine, and government should use satellite IBM UNIX for secured networking infrastructure.
You're telling me they still run Windows? Can u imagine a satellite running Windows, it would last 2 days only hahahaha
Unix has its pluses for sure, but nothing is 100% secure. If that was the case, the military would just give everyone a flippin mac book and cut their budget down to nothing. Unix has its own inherent problems, like every other data structure.
Name some, especially security related. If we went with IBM p series we would still need some sort of client os to connect. IBM does not make client OS any longer, you just connect to the server with a dumb terminal.
Great, now China knows how much porn I watch….with any luck it will terrify them to a point where they'll stop watching our stuff.
Actually that 15% was just the porn that I personally downloaded in April. What can I say, it was a slow month.
Is that Chinese General putting BEN GAY on his hands?
He could be the Chinese internet General…
Typical nonsense from Kevin
What he fails to tell you is that it was 15% for 18 whole minutes because somebody made a mistake with some routing tables. This has happened before – the entire internet was routed through one server in one famous incident because the router broadcast to everyone that its distance to everywhere was zero.
If your security relies on the routing then you have failed, and if your "cyberwar consultant" thinks it should then do yourself a favour and get rid of the scam artist.
Oblat is correct that this is not the FIRST time that a problem has occurred due to some kind of "mis-configuration" whether it's:
changing configuration on a "production network router/switch" (yes it DOES happen)
flushing a routing table
updating or replacing an ACL
When you consider it specifically affected traffic to and from .gov and .mil websites in the United States, as well as websites for the Senate, all four military services, the office of the Secretary of Defense, the National Oceanic and Atmospheric Administration and "many others," including websites for firms like Dell, Yahoo, IBM and Microsoft, it does not resemble the past mis-configuration issues!
If the traffic is going international, different ISPs control the table, it could have been a routing table error. I would not rule out that it is malicious though.
Didn't Obama hire a criminal hack to be his internet czar?
Wow comrade Oblatski, you sure seem to know a lot about what the commies are up to. lol
Hey Coleman, can't you just buy this d0uche-b@g a beer and tell him everything's gonna be alright? I think he's developed a man-crush….
Ahahaha, so much for cyber warfare means real warfare that we've heard so much about from US forces over the last few years, you've been robbed blind again and you do nothing again, I'm tempted to say… losers.
No one can say whether or not this is or should constitute an act of cyber war!
It's probably most porn and/or people watching free streaming videos. I would say it's NBD.
The report states that it affected traffic to and from .gov and .mil websites in the United States, as well as websites for the Senate, all four military services, the office of the Secretary of Defense, the National Oceanic and Atmospheric Administration and "many others," including websites for firms like Dell, Yahoo, IBM and Microsoft.
The data was basically spanned (via broadcast), not routed, to the Chinese telco.
If they have a facility similar to the NSA's Ft. Meade datacenter, they could have dumped the traffic to disk where they can pull it all apart and decrypt and analyze all of the communications. They will have to crack some certs and encryption keys but it's doable.
Personally, it is my belief that we should begin a new program with Carrier Pigeons with micro chips inserted for all the various reasons. Then let those Chinese try and break the code!!
If Certain Parties are reading this, then I would like a #14 with hot-and-sour soup and two crab rangoons delivered to you-probably-already-know-the-address.
Breaking News! America routes 100% of communications traffic through ECHELON. Americans confirmed as world's biggest hypocrites.
Good. Only a commie would have a problem with that.
A more informative, and less hysterical, bit of coverage is here: http://bgpmon.net/blog/?p=282
If you are transmitting on the internet instead of a private network and you think you have some knowledge of where the data is routed, you are fooling yourself. Encryption and private networking are the only ways to prevent/mitigate these simple man-in-the-middle attacks. All they have to do is just set a NIC to promiscuous mode and slurp up everything that passes it on the network. Force some updates to the routing tables or spoof a few DNS servers and now you have lots and lots of traffic to slurp up. Yumm!
This BTW is not uncommon, happening on an admittedly smaller scale all day everyday all over the world.
Anyone who's in NetSec, anywhere, and doesn't have any idea where the datapacks are going, shouldn't be there in the first place.
HSN Brief Posted
http://homelandsecuritynewswire.com/china-hijacke…
An 18 min slice of a lot of random transit data (assuming it was captured) doesn’t sound very useful considering the amount of effort necessary to crack encryption. I was curious on the IPs affected since some notable military and gov IP ranges are not included. Also not a very good proof of concept since those have been previously demonstrated numerous times. I vote not a deliberate attack.
dump them off the root servers and tell them to sod off and we owe them nothing since they have all our designs and Intellectual property to rip off and mass produce..
no loan money to pay back, we're even..
I'm tired of China..
Brilliant!
GO USA
Why did the US redirect her net traffic to China?