Computers blogs
flyg till köpenhamn

MCC 2011 Awardee

MCC 2011 Awardee
MCC 2011 Awardee

Recommended Books and Devices

Sunday, November 28, 2010


Recent proofs have been uncovered that shows that Sometime in April, a government owned telecoms company(China Telecoms)  for 18 minutes successfully routed 15% of the world's internet traffic via their routers and servers. These included communications to and from Government agencies(especially U.S), internet shopping traffic,  ...
The alleged "theft" of internet traffic was discovered by a communications company outside Washington, D.C. where computer network engineers monitor Internet traffic.

The internet operates on a trust-based system both in infrastuctural architechture and in terms of usage.Electronic routers direct the traffic flow, insuring the shortest path between any two computers anywhere in the world that hope to exchange information.
A little illustration here;lets say i have 3 uncles in the federal  ministry and i want to send a letter directly to the President of Nigeria.i would mentally calculate which of my 3 uncles is closest to the President by the number of people between them and the President,then i "forward" my letter to that uncle.That uncle in turn also calculates his distance to the president by the ranks of those he knows and forwards my letter to the next person he thinks is closer to the president....this continues until my letter is safely in the hands of the president.
Thats how routers "forward" information on the internet, only this happens in microseconds.

so essentially, the 18MIN hijack happened when computer routers in China belonging to China Telecom began signaling to other computer routers on the Internet that they could provide the quickest path between different computers. 
For 18 minutes, the traffic on 35,000 to 50,000 computer networks elsewhere in the world began flowing toward China, before getting routed to their final destinations. China Telecom had created a massive detour.

 Rodney Joffe, Senior Vice-president and Senior technologist at Neustar Inc said "They, all of a sudden, began announcing the fact that they were an optimal path to about 15 percent of the destinations on the Internet, that, in fact, they were a way to get to a large number of destinations on the Internet, when, in fact, they were not. We have never seen that before on this scale ever."

 The mere fact that the incident didn't severe all communications during the time it lasted suggests a calculated attempt to intercept, capure and later examine/inspect information.

Security expert Dmitri Alperovitch—VP of threat research at McAfee—says that this happens "accidentally" a few times a year, but this time it was different: The China Telecom network absorbed all the data and returned it without any significant delay. Before, this kind of accident would have resulted in communication problems, which lead experts to believe this wasn't an accident but a deliberated attempt to capture as much data as possible.


A lot can be captured in 18 minutes. When all the communications from tens of thousand of computer networks was routed to China, that included all the Web traffic, e-mail, and instant messages to and from -- that's the Department of Defense -- and -- those are U.S. governments departments. The U.S. Senate and NASA also had all their traffic diverted.

Companies like Dell, Yahoo!, Microsoft and IBM had their data diverted by China Telecom, too. On that day in April, officers logging into a Pentagon Web site ended up looking at an image that came to their screen via China.

Information could have been gathered, which after much examination could be used to craft a virus to be released in such huge networks.The fact that traffic could be intentionally diverted to where it is "MALICIOUSLY WANTED" opens the eyes to possibilities such as the data actually being altered(man-in-the-middle attack) before being forwarded to its destination,fabricated rogue mails could be concocted to seem as being  sent from someone/somewhere....usernames could be masqueraded... the possibilities are just limitless!!


Private networks and networks that provide essential services ;from life- essential services such as power grids,water, traffic, product mixing networks.. to those trusted services  such as internal government mail,military, Organizational services should be hosted on servers distant from the internet.worst case scenario;if these servers have to have a connection to the internet whatsoever, DMZ's (De-militarized zones) should be used as a sort of buffer.

Network administrators and security experts have to harden their organizations' networks.
 Wider proliferation of use of network security software, such as Microsoft's Forefront Threat management gateway 

The most efficient solution i see is for stakeholders and computer professionals around the world to;
 Greater Policize the internet trust system or all-together just fashion another network of networks that is just not as trust-based as the present standards.It might be  a longtime coming, but maybe we just go back to the base,how it all began, a revolution might just be underway.   


No comments:

Post a Comment

Post your comment on this article or this blog. including any technical questions you want to ask Me