Skip to main content

Google, Microsoft briefly had internet traffic rerouted through Russia

On Wednesday, December 13, it was observed that internet traffic being transmitted to and from Google, Facebook, Apple, and Microsoft was routed through a previously unknown Russian internet service provider for a brief time. This activity is thought to have been intentional.

The initial hijacking lasted for three minutes, and targeted 80 separate address blocks, according to a blog post published by BGPMon. A second attack started two and half hours later and lasted for another three minutes. However, Qrator Labs suggests that the event actually lasted for two hours uninterrupted, with the number of blocks affected fluctuating throughout.

These communications were using the Border Gateway Protocol (BGP), which routes huge amounts of data around the web. The security implemented on the BGP has come under fire before; earlier in 2017,  network traffic pertaining to a host of different financial services was briefly redirected via a telecom company operated by the Russian government, according to Ars Technica.

It’s not uncommon for data to be rerouted via the BGP as a result of user error. For a number of reasons, experts think that this situation was carried out intentionally.

First, there’s the fact that major entities like Microsoft and Google were targeted. Then there is the fact that hijacked IP addresses split up into announced blocks with some specificity, which indicates the guesswork of an attacker rather than an honest mistake.

The hijacking was carried out by an autonomous system known as AS39523, which has long since been inactive, save for an incident in August, which also targeted Google. We don’t know what, if anything, was done with the information that was rerouted. Projects like Logjam have previously set out to develop a means of breaking common encryption methods for such traffic, with little success — but the culprits could have a new technique that allows for some kind of workaround.

This is yet another scenario that goes to show how poor online security is a problem at every level. It’s crucial that users make smart decisions for themselves but the weak points available to attackers run deeper than many of us might realize.

Editors' Recommendations

Brad Jones
Former Digital Trends Contributor
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
Facebook, Google, Microsoft, and Twitter team up to fight election interference
blockchain beyond bitcoin voters cast their ballots on election da

Facebook, Google, Microsoft, and Twitter are teaming up to form a new coalition ahead of the 2020 presidential election, according to a report in The New York Times on Wednesday.

The coalition, which has yet to have a name, will connect with government agencies like the FBI and the Department of Homeland Security to "counter shared threats to the online public conversation."

Read more
Apple says cloud gaming apps like Google Stadia violate iOS app store rules
google stadia review rs 6

Tech giants Microsoft and Google have been conducting trials on a new way to play games with their Project xCloud and Stadia cloud services. However, these services remained oddly absent from iPhones and iPads and, at long last, Apple has broken its silence on why iOS users have been left out.

In a statement to Business Insider, Apple has confirmed that it doesn’t allow cloud gaming platforms like Google Stadia and Microsoft Project xCloud since they violate iOS app store guidelines.

Read more
Trump’s TikTok meddling means we’ll never be able to escape Big Tech
Styled Graphic featuring Tim Cook, Jeff Bezos, Mark Zuckerberg, Sundar Pichai

Over the years, the one criticism Big Tech has been unable to overcome is the ongoing dialogue about how these companies' seemingly boundless power is a threat to the open market and needs a more strident set of regulations.

Last week, the CEOs of four of those companies — Facebook, Google, Amazon, and Apple — appeared in a virtual antitrust hearing to address whether they are turning into monopolies.

Read more