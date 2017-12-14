Internet Traffic To Major Tech Firms Mysteriously Rerouted To Russia (securityweek.com) 40
wiredmikey writes: Internet traffic to some of the world's largest tech firms was briefly rerouted to Russia earlier this week in what appeared to be a Border Gateway Protocol (BGP) attack. Internet monitoring service BGPmon noticed that 80 IP prefixes for organizations such as Google, Microsoft, Apple, Facebook, NTT Communications, Twitch and Riot Games had been announced by a Russian Autonomous System (AS).
It happened twice on Tuesday and each time it only lasted for roughly three minutes. The first event took place between 04:43 and 04:46 UTC, and the second between 07:07 and 07:10 UTC. Despite being short-lived, BGPmon said the incidents were significant, including due to the fact that the announcements were picked up by several peers and some large ISPs, such as Hurricane Electric and Zayo in the U.S., Telstra in Australia, and NORDUnet, which is a joint project of several Nordic countries. The incident is rather suspicious, as the prefixes that were affected are all high profile destinations, as well as several more specific prefixes that aren't normally seen on the Internet.
It happened twice on Tuesday and each time it only lasted for roughly three minutes. The first event took place between 04:43 and 04:46 UTC, and the second between 07:07 and 07:10 UTC. Despite being short-lived, BGPmon said the incidents were significant, including due to the fact that the announcements were picked up by several peers and some large ISPs, such as Hurricane Electric and Zayo in the U.S., Telstra in Australia, and NORDUnet, which is a joint project of several Nordic countries. The incident is rather suspicious, as the prefixes that were affected are all high profile destinations, as well as several more specific prefixes that aren't normally seen on the Internet.
MitM attacks (Score:5, Interesting)
Re: (Score:2, Offtopic)
Re: (Score:3)
If we have someone if office that broke the law, we shouldn't leave them in out of fear that their successor's policies are worse. That makes it even more political. If they did something wrong, they did something wrong, that's it. Not "it's illegal, but we'll selectively not enforce the law because..."
Re: (Score:3)
Re: (Score:2)
Re: (Score:3)
The Constitution has provisions to handle this unfortunately and if Mike Pence isn't impeached as well, he's in and there's a pecking order as to who gets in determined as well if I recall correctly.
Wikipedia has the current line of Presidential Succession [wikipedia.org]:
Re: (Score:2)
If President is impeached the job goes to VP.
Now if Pence is part of such collusion chances are he would get fired first, because Mueller is following a normal methodology for tracking down gang. Starting at the bottom giving some deals to the low level offenders and working their way up.
Re: (Score:2)
Now if Pence is part of such collusion
...
Evidence suggests he was not. He was never part of Donald's inner circle. Mike Flynn was fired for lying to Pence. If Pence was "in on it", Flynn wouldn't have lied, and Pence wouldn't have been asking.
Pence would be worse on social issues, but he would likely be better on foreign policy, and economic management.
Re: (Score:2)
"Let's hope he gets rid of Trump for us, but let's keep our fingers crossed he doesn't, because the replacement would be worse.."
Well that's really clever.
Re:Russia is a Problem (Score:4, Informative)
I have more faith that Pence will be working towards are national interests vs Trump who is out for Trump.
I much rather be displeased about the choice the President Made, vs Scared of the choice the President had made.
Re: (Score:1)
If Trump is found to be illegally elected then Pence is too.
Re: (Score:2)
I can't tell if you're being sarcastic or really believe. That's how silly The Russians! narrative has become.
IPv6 (Score:2)
Re: (Score:3)
Re: (Score:3)
I'm not sure that he is subservient to Putin. I suspect that he helps Russia commit crimes in the US not because he's a traitor, but rather because he gets flattered or bribed. That doesn't mean he isn't a traitor in common usage, though not within the definition given by the US Constitution. It just means that being a traitor isn't why he does that, it's doing that that makes him a traitor.
Re: (Score:1)
I hope you seek help for the paranoid delusions.
beta test (Score:1)
Combine this news with Russia's desire to create "their own Internet" https://www.theregister.co.uk/2017/12/01/russia_own_internet/ [theregister.co.uk] and I'd call this a beta test.
:-(
BGP vs. Root name servers? (Score:4, Interesting)
I don't know the relationship (if any) between the two, but is it just coincidence this is happening less than a month after this:
https://uawire.org/russia-offers-to-deploy-root-name-servers-in-brics-countries
Also, is this something that can be attributed to the 'handing over' of certain services from the US to the UN?
Re: (Score:2)
I don't know the relationship (if any) between the two, but is it just coincidence this is happening less than a month after this: https://uawire.org/russia-offe... [uawire.org]
Also, is this something that can be attributed to the 'handing over' of certain services from the US to the UN?
It is. The first thing the UN decided to do when they got control of those services was to redirect all the "Herbal Viagra" and "Penis Enlargement" junk mails to Russia, specifically the address: vladimir.putin@kremlin.ru.
Any other reported activity? (Score:2)
It may be a coincidence, but the Tenable Network Security forums seemed to get hit on Tuesday by something. For about an hour, our account got hit with a string of forum responses from Tenable. Then it just stopped. I'm thinking that maybe if you replied to the forum message via email, it didn't go back to Tenable?
Testing, testing... (Score:2)
Testing for exactly what, well...
Better title: (Score:3)
A better title for the story: Major internet routers still inexplicably accepting unauthenticated BGP announcements
HereCometheBRICs (Score:2)
https://www.bleepingcomputer.c... [bleepingcomputer.com]
My guess is that it's on track sooner than expected and it's likely more than the purported "backup". Especially with asshat, cabal owned, Pai killing Net Neutrality today, nobody trusts the US, nor should they. The routing should be taken as a precursor.
Bitcoin theft? (Score:2)
Any bets on this being a dry run for a BGP attack used to steal bitcoin?