Chinese ISP Web Traffic Hijack Poses Huge Security Risk

 
 
By Wayne Rash  |  Posted 2010-11-18 Email Print this article Print
 
 
 
 
 
 
 


pagebreak title=It's Time for the IETF to Rethink Global Web Security

But that doesn't mean the information can't be used for bad things. First, if you go through a great deal of any communications, including unclassified e-mail, it's still possible to determine at least the outline of what the traffic means. 

So while the details of a classified operation wouldn't be found, there might be enough references to it that something meaningful could be discerned. To accomplish this, you have to go through a LOT of data. The US used to do this kind of monitoring on the old Soviet Union's communications by tapping its undersea cables, and recording everything. In the process, the spooks involved were eventually able to decrypt the traffic, but in the mean time they could figure out the broad outlines. 

The problem here is that there was only 18 minutes of data, most of which was for places like joy.cn, not for army.mil. So even if some information was captured, it was unlikely that it was enough to be useful. 

However, the Chinese did learn something that may be extremely useful. They learned that they could, in fact, redirect a significant portion of the world's traffic through their servers. However, they also found out that network managers noticed.  

So the question is, was this really a sort of proof-of-concept? Was the Chinese government really probing the Internet to see what it could do and how quickly it would be found out? If so, they learned that they can, indeed reroute some of the Internet. They also found out that they would be noticed. 

But think about what could be accomplished even with 18 minutes of redirecting the right kind of traffic. You could create targeted Internet outages, for example. You could probably read commercial traffic, which has been a significant target for the Chinese government for a while. You could also disable communications for some agencies for long enough to be a diversion for some other activity. 

Furthermore, the Chinese aren't the only people who now realize that this is possible. Use your imagination and you'll think of any number of groups for whom disrupting even a portion of U.S. communications would be considered a victory. 

This event has also done one other thing that we should thank the Chinese for. It has forcefully illustrated just how susceptible the Internet is to tampering. The problem is, unlike other critical protocols, there is no move to make BGP secure. Basically, if someone decides they want to do something like redirect Internet traffic, they'll get what they want. There's no protection. Maybe it's time that the IETF or some other group started paying attention to this problem. 



 
 
 
 
Wayne Rash Wayne Rash is a Senior Analyst for eWEEK Labs and runs the magazineÔÇÖs Washington Bureau. Prior to joining eWEEK as a Senior Writer on wireless technology, he was a Senior Contributing Editor and previously a Senior Analyst in the InfoWorld Test Center. He was also a reviewer for Federal Computer Week and Information Security Magazine. Previously, he ran the reviews and events departments at CMP's InternetWeek.

He is a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine. He is a regular contributor to Plane & Pilot Magazine and The Washington Post.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel