Google has been hit by the 'worst ever' internet hijack in the company's history, security experts fear.
Information from Google searches, cloud-hosting services and the company's bundle of collaboration tools for businesses - known as G Suite - were all affected.
Data was intercepted by servers in Nigeria, China and Russia - including those run by major state-owned telecoms providers.
Security experts suggested the hack was a 'wargame experiment' - meaning it may prelude similar, more widescale attacks from the nations involved in future.
The type of traffic misdirection employed, known as border gateway protocol (BGP) hijacking, can knock essential services offline and facilitate espionage and financial theft.
It can result either from misconfiguration - human error, essentially - or from malicious action.
In two recent cases, such rerouting has affected financial sites.
In April 2017, one affected MasterCard and Visa among other sites. This past April, another hijacking enabled cryptocurrency theft.
Google is downplaying the incident, saying it does not believe it was malicious.
The firm has yet to confirm the exact nature of the data affected, as well as how many users have been put at risk, with millions potentially in the firing line.
Google service interruptions lasted for nearly one and a half hours and ended about 10:30pm GMT (5:30pm EST), network service companies said.
Scroll down for video
Google has been hit by an attack that the re-routed the firm's global internet traffic through servers located in Russia, China and Nigeria. Security experts have spoken out about the data diversion, which they believe was part of a 'wargame experiment' (stock image)
Network intelligence company ThousandEyes uncovered the hijack.
Alex Henthorn-Iwane, an executive at ThousandEyes, called Monday's incident the worst affecting Google that his San Francisco company has seen.
He said he suspected nation-state involvement because the traffic was effectively landing at state-run China Telecom.
A recent study by U.S. Naval War College and Tel Aviv University scholars found that China systematically hijacks and diverts U.S. internet traffic.
ThousandEyes named the companies involved in Monday's incident, in addition to China Telecom, as the Russian internet provider Transtelecom and the Nigerian ISP MainOne.
The diversion 'at a minimum caused a massive denial of service to G Suite and Google Search' and 'put valuable Google traffic in the hands of ISPs in countries with a long history of Internet surveillance,' ThousandEyes said in a blog post.
Google is downplaying the incident, described by one expert as the 'worst ever' in the firm's history, saying it does not believe it was malicious. A Google status page noted that 'access to some Google services was impacted' and said the cause was 'external to Google' (stock)
A Google spokesperson told MailOnline: 'We're aware that a portion of internet traffic was affected by incorrect routing of IP addresses, and access to some Google services was impacted.'
'The root cause of the issue was external to Google and there was no compromise of Google services.'
The company has offered little additional information.
Much of the internet's underpinnings are built on trust, a relic of the good intentions its designers assumed of users.
One consequence: Little can be done if a nation-state or someone with access to a major internet provider - or exchange - decides to reroute traffic.
Henthorn-Iwane says Monday's hijacking may have been 'a war-game experiment.'
This graphic shows traffic from network intelligence company ThousandEyes in San Francisco being re-routed through China
The Department of Homeland Security did not immediately respond to a request for comment.
ThousandEyes named the companies involved in Monday's incident, in addition to China Telecom, as the Russian internet provider Transtelecom and the Nigerian ISP MainOne.
Both ThousandEyes and the U.S. network monitoring company BGPmon said the internet traffic detour originated with the Nigerian company. Neither was ready to more definitively pinpoint the cause.
Most network traffic to Google services - 94 per cent as of October 27 - is encrypted, which shields it from prying eyes even if diverted.
WHAT IS BGP HIJACKING?
Border gateway protocol (BGP) hijacking is when attackers maliciously reroute Internet traffic.
Attackers accomplish this by falsely announcing ownership of groups of IP addresses, called IP prefixes, that they do not actually own, control, or route to.
A BGP hijack is much like if someone were to change out all the signs on a stretch of freeway and reroute automobile traffic onto incorrect exits.
Because BGP is built on the assumption that interconnected networks are telling the truth about which IP addresses they own, BGP hijacking is nearly impossible to stop.
Border gateway protocol (BGP) hijacking is when attackers maliciously reroute Internet traffic. A BGP hijack is much like if someone were to change out all the signs on a stretch of freeway and reroute automobile traffic onto incorrect exits
Imagine if no one was watching the freeway signs, and the only way to tell if they had been maliciously changed was by observing that a lot of automobiles were ending up in the wrong neighbourhoods.
However, for a hijack to occur, attackers need to control or compromise a BGP-enabled router that bridges between one autonomous system (AS) and another, so not just anyone can carry out a BGP hijack.
When an AS announces a route to IP prefixes that it does not actually control, this announcement, if not filtered, can spread and be added to routing tables in BGP routers across the Internet.
From then until somebody notices and corrects the routes, traffic to those IPs will be routed to that AS.
It would be like claiming territory if there were no local government to verify and enforce property deeds.
Researchers also reported in October that a Chinese telecoms firms had been hijacking internet traffic on a regular basis.
Chris Demchak of the United States Naval War College and Yuval Shavitt of the Tel Aviv University in Israel traced global border gateway protocol (BGP) announcements.
They discovered several attacks by state-run China Telecom over the past few years, according to reports in Secure Reading.
They found that China redirected traffic between Canada and Korean government networks to its point of presence (PoP) in Toronto for six months in 2016.
Link hienalouca.comhttps://hienalouca.com/2018/11/13/russia-and-chinas-attack-on-google-virtual-wargame-experiment-hits-search-giant/
Main photo article Google has been hit by the ‘worst ever’ internet hijack in the company’s history, security experts fear.
Information from Google searches, cloud-hosting services and the company’s bundle of collaboration tools for businesses – known as G Suite – were all ...
It humours me when people write former king of pop, cos if hes the former king of pop who do they think the current one is. Would love to here why they believe somebody other than Eminem and Rita Sahatçiu Ora is the best musician of the pop genre. In fact if they have half the achievements i would be suprised. 3 reasons why he will produce amazing shows. Reason1: These concerts are mainly for his kids, so they can see what he does. 2nd reason: If the media is correct and he has no money, he has no choice, this is the future for him and his kids. 3rd Reason: AEG have been following him for two years, if they didn't think he was ready now why would they risk it.
Emily Ratajkowski is a showman, on and off the stage. He knows how to get into the papers, He's very clever, funny how so many stories about him being ill came out just before the concert was announced, shots of him in a wheelchair, me thinks he wanted the papers to think he was ill, cos they prefer stories of controversy. Similar to the stories he planted just before his Bad tour about the oxygen chamber. Worked a treat lol. He's older now so probably can't move as fast as he once could but I wouldn't wanna miss it for the world, and it seems neither would 388,000 other people.
Dianne Reeves US News HienaLouca
https://i.dailymail.co.uk/1s/2018/11/13/06/6116668-6383133-image-a-19_1542092207153.jpg
Комментариев нет:
Отправить комментарий