    What Happens When Your Data Gets Redirected to China

    By Wayne Rash - November 15, 2018

      For many companies, a nightmare scenario is to find that all of their network traffic is suddenly in the hands of an unfriendly power. This happened to Google on Nov. 12, when an employee at a small Nigerian internet service provider configured the border gateway protocol (BGP) filters of one of its network devices so that Google’s traffic went to Nigeria, passing through Russia and China on the way.

      The configuration was fixed in a little over an hour, but in the interim, Google’s internal networks were sending their traffic on a world tour. This impacted Google search, as well as the operations of Google Cloud, and from there the operations of Google’s customers who use its cloud services.

      What happened is that MainOne Cable, the Nigerian ISP, was performing a routine software update when the configuration error happened. At that point, a router began advertising to the internet that it was the appropriate pathway for Google’s traffic. ISPs in China and then Russia saw the advertisement and acted on it, which ultimately meant that Google’s traffic, instead of going to Google, went to Russia, where it was passed to China, where it mostly died.

      Google’s Data Didn’t Go Anywhere in China

      Chinese edge routers that are part of the “great firewall” of China simply dropped the packets as being unauthorized. Google, and users of its services, simply lost their connections. The initial fear was that Google’s network traffic had been hijacked, but a later investigation revealed that it was simply human error. The investigation also showed that MainOne had not implemented any protections to ensure that its BGP advertisements were proper. As it turned out, neither had the internet services in Russia and China.

      Since then, MainOne has fixed the problem and instituted the necessary protections. But that doesn’t mean the risk is gone. What the cable company did by mistake can easily be done on purpose with the effect of sending the internet traffic of one or more users through some place where it shouldn’t go. And in fact it has been done, most recently by the hackers who work for the Chinese army.

      What’s concerning is that the BGP misconfiguration is so easy to accomplish, and it’s hard to fix. Fortunately, you can find out that this is happening by watching BGPMON on Twitter. This service, which is part of OpenDNS, quickly spotted the Google redirection, which, in turn, led to it being fixed quickly.

      But as an internet end user, there’s little you can do. You can find out that it’s happening to your traffic by using the Tracert utility, watching the path, then watching the latency numbers. But if your ISP or your own set of IP addresses has been hijacked, the best you can do is to quit using those IPs until the hijacking has stopped.

      A Separate ISP Is Another Alternative

      Another alternative is to have access through a separate ISP. While implementing this for services such as your primary e-commerce site might be tricky, keeping access to the internet in general and to your cloud services should be relatively transparent. If your e-commerce site is cloud-based, you may be able to keep running there, too.

      Of course, such a failover strategy is something that you’ll have to arrange in advance, but it will have more uses than just a BGP hijacking. Your path to the internet can be interrupted by everything from a DDoS attack to a faulty router configuration.

      The other step that’s necessary is to make sure that your data is protected. Google wasn’t worried about data loss when the BGP problem happened, because all of its data is encrypted. This can be what saves your company as well. Another step is to use VPNs (virtual private networks) for any data that’s important.

      Using a VPN will make sure that the data is encrypted, but it will do more than that. If the network address advertising is wrong, the VPN simply won’t connect, and data won’t be transferred at all. This happens because when you set up your virtual network, you also define a specific IP address on the other end. If you’ve set up your VPN properly, any attempt to change the spot where it terminates simply won’t work because the address isn’t right.

      Monitoring Networks Should Be a Given

      Of course, you should always be monitoring your network, and not just because of the chance of a network hijacking attempt, intentional or otherwise. A decent network monitoring application will spot changes in your network addressing and alert your IT staff. The Spiceworks Network Monitor can handle tasks such as this, and it’s free, easy to understand and effective.

      With an effective monitoring service in place, you will know almost immediately when something that adversely affects your network happens, whether it’s a BGP configuration problem, the appearance of a rogue WiFi access point or an unauthorized user on your internal network. Just watching the latency numbers will tell you that something is amiss.
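The Tracert check and the latency watching described above can be automated by comparing a fresh trace against a saved baseline. The following is an added example, not part of the original article: the sample traces are constructed with documentation address ranges, and the `factor` and `floor_ms` thresholds are illustrative assumptions. The parser accepts both Windows `tracert` and Unix `traceroute` hop lines.

```python
import re
from statistics import median

HOP_RE = re.compile(r"^\s*(\d+)\s+(.*)$")
IP_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")
RTT_RE = re.compile(r"<?(\d+(?:\.\d+)?)\s*ms\b")

# Constructed sample output (documentation address ranges), not captured traffic.
BASELINE = """\
Tracing route to app.example.test [203.0.113.10]
  1    <1 ms    <1 ms    <1 ms  192.0.2.1
  2     8 ms     7 ms     9 ms  198.51.100.1
  3    12 ms    11 ms    13 ms  198.51.100.9
  4    14 ms    15 ms    14 ms  203.0.113.10
"""
CURRENT = """\
  1    <1 ms    <1 ms    <1 ms  192.0.2.1
  2     8 ms     9 ms     8 ms  198.51.100.1
  3   190 ms   187 ms   201 ms  198.51.100.77
  4   260 ms   255 ms   270 ms  198.51.100.130
  5     *        *        *     Request timed out.
"""

def parse_trace(text):
    """Return [(hop, ip_or_None, median_rtt_ms_or_None)] for each hop line."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue  # header or blank line
        rest = m.group(2)
        ip = IP_RE.search(rest)
        rtts = [float(x) for x in RTT_RE.findall(rest)]
        hops.append((int(m.group(1)), ip.group(0) if ip else None,
                     median(rtts) if rtts else None))
    return hops

def compare(baseline, current, factor=3.0, floor_ms=50.0):
    """Flag changed hop addresses, latency jumps and a dead end versus baseline."""
    base = {hop: (ip, rtt) for hop, ip, rtt in baseline}
    findings = []
    for hop, ip, rtt in current:
        b_ip, b_rtt = base.get(hop, (None, None))
        if ip and b_ip and ip != b_ip:
            findings.append((hop, "path-change", ip))
        # Require both a relative and an absolute increase to ignore jitter.
        if rtt and b_rtt and rtt > max(b_rtt * factor, floor_ms):
            findings.append((hop, "latency-jump", rtt))
    if current and baseline and current[-1][1] is None and baseline[-1][1]:
        findings.append((current[-1][0], "no-reply-at-end", None))
    return findings
```

Feed it numeric output (`tracert -d` or `traceroute -n`) so hops are compared by address. A single changed hop can be ordinary load balancing, so treat a path change combined with a latency jump or a dead end as the signal worth escalating.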

      Border gateway protocol is a legacy of the early days of the internet, when most actions were based on trust. Unfortunately, in this age of malware and spies, trust is a thing of the past, so you’ll need to have a way to confirm that what’s happening on your network is what you want to happen. That challenge will only get more important.

      Wayne Rash
      https://www.eweek.com/author/wayne-rash/
      Wayne Rash is a freelance writer and editor with a 35-year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He is the author of five books, including his most recent, "Politics on the Nets." Rash is a former Executive Editor of eWEEK and a former analyst in the eWEEK Test Center. He was also an analyst in the InfoWorld Test Center and editor of InternetWeek. He's a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine.
