The Russians were again eavesdropping on the internet. Proving them bad intentions will be very difficult
For more than an hour more than 8.8 thousand connections from more than 200 networks have been redirected to the infrastructure of the Russian telecommunications operator. These data could include the secrets of many companies.
ZDNet informs about a serious incident that occurred two days ago. Network traffic intended for Google, Amazon, Facebook, Cloudflare, GoDaddy, Akamai and many others serving the largest cloud companies in the world has been redirected to pass through the infrastructure of the Russian telecommunications operator Rostelecom. Temporary and suspicious redirection took about an hour.
https://twitter.com/James_inthe_box/status/1246766823187480576
This type of attack is known as BGP takeover. This mysterious abbreviation is Border Gateway Control, which is the system that manages international internet traffic. Unfortunately, it is very poorly secured because it assumes that all networks it manages are managed in accordance with the law. Just declaring the presence of the company's servers within the range of a given network to redirect traffic to it. In the past, BGP acquisitions have already occurred, which were not the result of sinister actions, but of a simple typo mistake operating a technician on duty.
Fortunately, traffic between the clouds is usually encrypted.
This is not the first time a given operator is suspected of a sinister takeover of network traffic. Mistakes are rather random, meanwhile Rostelecom has repeatedly made false declarations on a temporary basis, having insight into data that should not pass through it. Equally often such mishaps happen to the Chinese operator China Telecom.
https://twitter.com/atoonk/status/1246852111586848768
Unfortunately, proving bad intentions is very difficult for BGP acquisitions. Even despite the fact that Rostelecom has focused on service providers serving affluent and economically significant Western companies.
In theory, the acquired data should not be of much value for foreign intelligence anyway - the traffic between the clouds is encrypted. Experts note, however, that with advances in computing power and cryptography, perhaps even in the near future, old security will no longer be effective. And the captured data may be of such importance that it may also be useful for Russian intelligence in a few years.
The Russians were again eavesdropping on the internet. Proving them bad intentions will be very difficult
Comments
Post a Comment