Skip to main content

An IP address vulnerability took down some Google services for 1 hour

Image used with permission by copyright holder

It might have been for just an hour, but some of Google’s services went down on Monday, November 12. The outage was reportedly caused by an improper rerouting of IP addresses and the moving of traffic away from the usual ports towards China and Russia instead, Ars Technica reports.

Though the rerouting that caused the outage is not thought to be malicious, it temporarily impacted Spotify and Google Cloud in the United States. Encrypted traffic relating to Google’s own corporate WAN infrastructure and VPN services were also redirected, but not compromised as part of the outage.

Google deems the entire situation “accidental,” according to reports. It was initially caused by a cable company based in Nigeria which improperly rerouted hundreds of Google-owned IP addresses as its own as part of a planned network upgrade. This eventually led to two other Russia and China-based carriers accepting the IP changes. Suspiciously, China Telecom, a provider which was guilty of certain similar IP address re-routes in the past, also accepted the accidental changes and then directed them worldwide.

“We’re aware that a portion of Internet traffic was affected by incorrect routing of IP addresses, and access to some Google services was impacted. The root cause of the issue was external to Google and there was no compromise of Google services,” Google said.

Cloudflare, a Google partner, was also later impacted by a separate IP address misdirection. Part of the same process set by the same Nigerian, Russian, and Chinese cable companies, the changes were quickly and automatically reserved. It all still raised serious concerns about the security of the entire IP address routing infrastructure.

“If there was something nefarious afoot there would have been a lot more direct, and potentially less disruptive/detectable, ways to reroute traffic. This was a big, ugly screw up. Intentional route leaks we’ve seen to do things like steal cryptocurrency are typically far more targeted,” Cloudflare CEO Matthew Prince told Ars Technica.

While these changes didn’t last for very long, it still was relatively unnoticed until consumers and customers reported issues. It was reported on Twitter that the IP changes came in five intervals, all of which were corrected within 74 minutes.

Editors' Recommendations

Arif Bacchus
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Google could finally address this huge frustration with Chrome tabs
Image of Goog Chrome History

Chrome has a new feature in the works that lets you reload all your tabs in an instant after you accidentally close your Chrome window.

You've likely experienced the frustration of accidentally closing your entire Chrome window when you only wanted to minimize it. It then takes a long time to reload the window and wait for all the tabs to load. Connection problems can make this worse, as can certain content-loaded webpages. Fortunately, Google may soon introduce a Chrome feature that resolves the issue.

Read more
Stadia was a no-show during Google’s 2-hour I/O keynote
google stadia review rs 4

Google I/O 2021 is off to a bang. The developer conference kicked off with a two-hour keynote speech that ushered in the future of Google. We saw some eye-popping developments in machine learning, more inclusive design considerations, and much more across Google's suite of products.

There was one notable absence at the party: Stadia. Google's gaming service didn't get any new announcements during the platform-spanning keynote. In fact, the word Stadia wasn't mentioned once.

Read more
Google services recovering after multiple hours of outages
Google I/O

Earlier today Google faced a catastrophic outage that disrupted all of its online services, from Gmail and Contacts to YouTube and Drive. Depending on a person's location, Google services have been experiencing issues connecting, running, or performing properly. Some Google services return a "500" error page, while others load sporadically, and some load but then don't function.

According to reports from Downdetector, which aggregates complaints about service problems from the public, the issues started cropping up around 6:45 a.m. ET this morning. As you'd expect, the largest number of reports are for Google Search, YouTube, Gmail, and Google Drive (Docs). We're also seeing ongoing reports of users unable to sign in to Google services if they weren't already signed in.

Read more