Researchers at McAfee this week revealed that a major portion of the world’s Internet traffic was redirected to China’s primary telecommunications carrier for a period of about 18 minutes earlier this year.
At 15:54 GMT on April 8, 2010, McAfee detected a routing announcement from China’s state-controlled telecom company, China Telecom, which advertised 15% of the world’s Internet routes. For at least the next 18 minutes, up until China Telecom withdrew the announcement, a significant portion of the world’s Internet traffic was redirected through China to reach its final destination.
This included data from U.S. military and government networks, civilian organizations and U.S. allies such as South Korea, India and Australia. Commercial companies were also affected.
The incident took advantage of the vulnerabilities in the design of Internet’s fundamental building blocks, namely its routing protocols, — vulnerabilities that were present in April and remain present today. Not only can this problem happen again, but it probably will. We’ve no way of knowing whether this event was done with malicious intent in mind or was an accidental failure as China Telecom operators have suggested, but it’s clear that with this capability demonstrated publicly, sooner or later someone will use it for nefarious purposes.