    What Happens When Your Data Gets Redirected to China

    By WAYNE RASH - November 15, 2018

      For many companies, a nightmare scenario is to find that all of their network traffic is suddenly in the hands of an unfriendly power. This happened to Google on Nov. 12, when an employee at a small Nigerian internet service provider configured the border gateway protocol (BGP) filters of one of its network devices so that Google’s traffic went to Nigeria, passing through Russia and China on the way.

      The configuration was fixed in a little over an hour, but in the interim, Google’s internal networks were sending their traffic on a world tour. This impacted Google search, as well as the operations of Google Cloud, and from there the operations of Google’s customers who use its cloud services.

      What happened is that MainOne Cable, the Nigerian ISP, was performing a routine software update when the configuration error happened. At that point, a router began advertising to the internet that it was the appropriate pathway for Google’s traffic. ISPs in China and then Russia saw the advertisement and acted on it, which ultimately meant that Google’s traffic, instead of going to Google, went to Russia, where it was passed to China, where it mostly died.

      Google’s Data Didn’t Go Anywhere in China

      Chinese edge routers that are part of the “great firewall” of China simply dropped the packets as being unauthorized. Google, and users of its services, simply lost their connections. The initial fear was that Google’s network traffic had been hijacked, but a later investigation revealed that it was simply human error. The investigation also showed that MainOne had not implemented any protections to ensure that its BGP advertisements were proper. As it turned out, neither had the internet services in Russia and China.

      Since then, MainOne has fixed the problem and instituted the necessary protections. But that doesn’t mean the risk is gone. What the cable company did by mistake can easily be done on purpose with the effect of sending the internet traffic of one or more users through some place where it shouldn’t go. And in fact it has been done, most recently by the hackers who work for the Chinese army.

      What’s concerning is that the BGP misconfiguration is so easy to accomplish, and it’s hard to fix. Fortunately, you can find out that this is happening by watching BGPMON on Twitter. This service, which is part of OpenDNS, quickly spotted the Google redirection, which, in turn, led to it being fixed quickly.

      But as an internet end user, there’s little you can do. You can find out that it’s happening to your traffic by using the Tracert utility, watching the path, then watching the latency numbers. But if your ISP or your own set of IP addresses has been hijacked, the best you can do is to quit using those IPs until the hijacking has stopped.

      A Separate ISP Is Another Alternative

      Another alternative is to have access through a separate ISP. While implementing this for services such as your primary e-commerce site might be tricky, keeping access to the internet in general and to your cloud services should be relatively transparent. If your e-commerce site is cloud-based, you may be able to keep running there, too.

      Of course, such a failover strategy is something that you’ll have to arrange in advance, but it will have more uses than just a BGP hijacking. Your path to the internet can be interrupted by everything from a DDoS attack to a faulty router configuration.

      The other step that’s necessary is to make sure that your data is protected. Google wasn’t worried about data loss when the BGP problem happened, because all of its data is encrypted. This can be what saves your company as well. Another step is to use VPNs (virtual private networks) for any data that’s important.

      Using a VPN will make sure that the data is encrypted, but it will do more than that. If the network address advertising is wrong, the VPN simply won’t connect, and data won’t be transferred at all. This happens because when you set up your virtual network, you also define a specific IP address on the other end. If you’ve set up your VPN properly, any attempt to change the spot where it terminates simply won’t work because the address isn’t right.

      Monitoring Networks Should Be a Given

      Of course, you should always be monitoring your network, and not just because of the chance of a network hijacking attempt, intentional or otherwise. A decent network monitoring application will spot changes in your network addressing and alert your IT staff. The Spiceworks Network Monitor can handle tasks such as this, and it’s free, easy to understand and effective.

      With an effective monitoring service in place, you will know almost immediately when something that adversely affects your network happens, whether it’s a BGP configuration problem, the appearance of a rogue WiFi access point or an unauthorized user on your internal network. Just watching the latency numbers will tell you that something is amiss.
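      The Tracert check and the latency watching described above can be automated by comparing each new trace with a saved known-good one. The following is an added example, not code from the article or from any product it names; the function names, thresholds and sample traces are assumptions constructed for illustration, and the baseline is assumed to be a complete trace that reached its destination.

```python
import re
from statistics import median

HOP = re.compile(r"^\s*(\d+)\s+((?:(?:<?\d+ ms|\*)\s+){3})(.*)$")
IPV4 = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")

def parse_tracert(text):
    """Parse Windows tracert output into (hop, ip or None, median RTT ms or None)."""
    hops = []
    for line in text.splitlines():
        m = HOP.match(line)
        if not m:
            continue                      # banner and blank lines are not hops
        rtts = [int(v) for v in re.findall(r"(\d+) ms", m.group(2))]
        ips = IPV4.findall(m.group(3))    # "host [ip]" or bare ip; none on timeouts
        hops.append((int(m.group(1)), ips[-1] if ips else None,
                     median(rtts) if rtts else None))
    return hops

def compare(baseline, current, factor=3, floor_ms=50):
    """Return findings: hops not in the baseline, lost destination, latency jump."""
    known = {ip for _, ip, _ in baseline if ip}
    findings = [f"new hop {n}: {ip}" for n, ip, _ in current if ip and ip not in known]
    dest = baseline[-1][1]                # assumes the baseline trace completed
    if dest not in {ip for _, ip, _ in current}:
        findings.append(f"destination {dest} not reached")
    base_rtt = [r for _, _, r in baseline if r is not None][-1]
    cur_rtts = [r for _, _, r in current if r is not None]
    if cur_rtts and cur_rtts[-1] > base_rtt * factor and cur_rtts[-1] - base_rtt > floor_ms:
        findings.append(f"latency {cur_rtts[-1]} ms vs baseline {base_rtt} ms")
    return findings

# Constructed samples using documentation address ranges, not captures from the incident.
BASELINE = """Tracing route to shop.example [203.0.113.10]
over a maximum of 30 hops:
  1    <1 ms    <1 ms    <1 ms  192.0.2.1
  2     8 ms     7 ms     9 ms  198.51.100.1
  3    11 ms     *       12 ms  edge.example [198.51.100.9]
  4    12 ms    11 ms    12 ms  203.0.113.10
"""
DIVERTED = """Tracing route to shop.example [203.0.113.10]
over a maximum of 30 hops:
  1    <1 ms    <1 ms    <1 ms  192.0.2.1
  2     8 ms     7 ms     9 ms  198.51.100.1
  3   182 ms   180 ms   185 ms  198.51.100.77
  4   310 ms   305 ms   312 ms  198.51.100.201
  5     *        *        *     Request timed out.
"""
print(compare(parse_tracert(BASELINE), parse_tracert(DIVERTED)))
```

      A changed path on its own is not proof of a hijack, since routes shift for ordinary reasons; the findings are a prompt to check a BGP monitoring feed and your ISP.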

      Border gateway protocol is a legacy of the early days of the internet, when most actions were based on trust. Unfortunately, in this age of malware and spies, trust is a thing of the past, so you’ll need to have a way to confirm that what’s happening on your network is what you want to happen. That challenge will only get more important.
