This isn’t a simple case of BRICS implementing their own Internet, to circumvent NSA spying… Russia’s Internet traffic has been passing through China, the purpose of which remains a mystery to the vast majority. -LW
Unexplained diversion underscores insecurity of Net’s global routing system.
by Dan Goodin – Nov 9 2014, 1:00pm
Domestic Internet traffic traveling inside the borders of Russia has repeatedly been rerouted outside of the country under an unexplained series of events that degrades performance and could compromise the security of Russian communications.
The hijacking of Russian traffic is linked to last year’s peering agreement between Russian mobile provider Vimpelcom and China Telecom. The pact allowed the firms to save money by having some of their traffic carried over the other’s network rather than through a more expensive transit operator. On multiple occasions since then, according to Dyn, communications destined for Russia has followed extremely round-about routes that take the traffic into China before sending it on to its final stop. Doug Madory, director of internet analysis at Dyn, wrote:
Even Internet paths from Moscow to other parts of Russia were forced through China Telecom’s routers. In the following example, a traceroute from Moscow is taken by Vimpelcom to Frankfurt, handed over to China Telecom’s routers in Frankfurt and, (mercifully) redirected back into Russia via Megafon without getting directed out to Shanghai. (This diversion of domestic Russian traffic is illustrated in the graphic at the beginning of this blog.)
trace from Moscow, Russia to Yaroslavl, Russia at 13:13 Aug 05, 2014
1 * 2 22.214.171.124 (Vimpelcom, Moscow, RU) 0.542ms 3 126.96.36.199 mx01.Frankfurt.gldn.net 37.006ms 4 188.8.131.52 beeline-gw4.china-telecom.net 39.505ms 5 184.108.40.206 ffm-b10-link.telia.net 41.481ms 6 220.127.116.11 ffm-bb2-link.telia.net 42.227ms 7 18.104.22.168 s-bb4-link.telia.net 42.894ms 8 22.214.171.124 s-b2-link.telia.net 41.528ms 9 126.96.36.199 megafon-ic-151430-s-b2.c.telia.net 42.707ms 10 * 11 188.8.131.52 (MegaFon, Volga,RU) 49.992ms 12 184.108.40.206 ysu1-ccr1036-1.yar.ru 50.301ms 13 220.127.116.11 (NETIS Telecom, Yaroslavl’, RU) 54.769ms
BGP is such a complex framework that improper routing of this type can often be the result of human error by engineers acting in good faith. But the same complexity and lack of security can just as easily be abused by hackers, government snoops, or vandals. Madory recommends operators of large networks carefully monitor the routes their traffic traverses and to filter the routes they receive. “Without both measures, your traffic could be easily misdirected, potentially hurting both the performance and security of your Internet communications,” he warned.
Article updated to edit headline.