Chinese Internet diversion was worrisome, report says
For about 20 minutes in April, a state-owned Chinese telecommunications firm rerouted massive amounts of Internet traffic, including from U.S. military and government networks, through Chinese servers before sending it on its way, according to a Congressional commission report out today.
Evidence related to the incident does not indicate whether it was deliberate, but computer security researchers have noted the capability could enable "severe malicious activities," said the U.S.-China Economic and Security Review Commission in its latest report to Congress.
The incident affected traffic to about 15 percent of the world's Internet network routes, the report said. There are more than 300,000 such routes in the world, said Dmitri Alperovitch, vice president of threat research for the computer security firm McAfee Inc., who briefed the commission on the incident. Among those affected were sites owned by the U.S. Senate, the Army, Navy, Marine Corps, Office of the Secretary of Defense, Department of Commerce and the National Aeronautics and Space Administration, as well as commercial Web sites such as those for Dell, Yahoo!, Microsoft and IBM, the report said.
When a server determines what route to use to speed data to its destination, it consults a "routing table" based on Internet service providers' announced routes for networks they host. In this case, China Telecom announced routes for tens of thousands of networks it did not own, including the U.S. government sites, Alperovitch said.
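A monitoring check for the kind of event described above, as an added example that is not from the report or the article: it compares the originating network of each announced route against a registry of expected origins and flags mismatches. The prefixes, AS numbers and registry are constructed from documentation ranges, and the check also covers announcements for a sub-range of a registered prefix, a case the article does not discuss.

```python
import ipaddress

# Constructed registry of which AS is expected to originate each prefix
# (documentation prefixes and AS numbers, not real allocations).
EXPECTED_ORIGINS = {
    "192.0.2.0/24": 64496,
    "198.51.100.0/24": 64497,
    "203.0.113.0/24": 64498,
}

# Constructed announcements as (prefix, AS path); the origin AS is the last hop.
ANNOUNCEMENTS = [
    ("192.0.2.0/24", [64500, 64496]),      # legitimate origin
    ("198.51.100.0/24", [64500, 64510]),   # AS 64510 originates a prefix it does not hold
    ("203.0.113.128/25", [64501, 64510]),  # sub-range of another network's prefix
    ("203.0.113.0/24", [64501, 64498]),    # legitimate origin
]

def covering_entry(prefix, registry):
    """Return (registered_net, expected_as) for the most specific entry covering prefix."""
    net = ipaddress.ip_network(prefix)
    best = None
    for reg_prefix, asn in registry.items():
        reg_net = ipaddress.ip_network(reg_prefix)
        if net.version == reg_net.version and net.subnet_of(reg_net):
            if best is None or reg_net.prefixlen > best[0].prefixlen:
                best = (reg_net, asn)
    return best

def classify(prefix, as_path, registry):
    """Label one announcement 'valid', 'origin-mismatch' or 'unknown'."""
    entry = covering_entry(prefix, registry)
    if entry is None:
        return "unknown"  # no registry data, so nothing to compare against
    return "valid" if as_path[-1] == entry[1] else "origin-mismatch"

def suspicious_origins(announcements, registry):
    """Group mismatching prefixes by the AS that originated them."""
    report = {}
    for prefix, as_path in announcements:
        if classify(prefix, as_path, registry) == "origin-mismatch":
            report.setdefault(as_path[-1], []).append(prefix)
    return report

if __name__ == "__main__":
    for asn, prefixes in suspicious_origins(ANNOUNCEMENTS, EXPECTED_ORIGINS).items():
        print(f"AS{asn} originated {len(prefixes)} prefix(es) it is not registered for: {prefixes}")
```

A single AS appearing as the origin for many prefixes registered to others in a short window is the signal a monitor would alert on.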
A spokesman for the Chinese Embassy in Washington told Bloomberg News that the report was based on "unfounded, groundless information." Wang Baodong, the spokesman, repeated the government's longstanding position that "Chinese laws strictly forbid hacking or other illegal activities" on computer networks.
Whether the incident was intentional or not, Alperovitch said, the fact that China Telecom Corp. was able to reroute so much traffic through its network and then allow it to proceed to the final destination "without much impact is pretty amazing." The delay in an email reaching its destination might be milliseconds, he said.
Alperovitch, who said McAfee was able to witness and monitor the redirection of the traffic, said the Chinese could have snooped on or even modified the traffic as it flowed through their pipes. They might also have been able to decrypt commercially encrypted files, he said.
Intentional or not, it is the largest successful "hijacking" or rerouting of Internet traffic ever, he said.
The incident is "cause for concern, not alarm," said Dale W. Meyerrose, who was chief information officer for the Office of the Director of National Intelligence in the Bush administration and is now a vice president for information assurance at Harris Corp. To snoop on the information, he said, "they don't have to divert traffic per se, though it could make it easier."
He said that classified U.S. military traffic would be encrypted using standards set by the National Security Agency, which he said are difficult to defeat.
November 17, 2010; 11:25 AM ET