Massive chunks of European mobile traffic re-routed through China Telecom

Vast amounts of European mobile traffic were re-routed through China Telecom's network for over two hours last Thursday, raising fears that the traffic could have been intercepted by Chinese agencies before making its way back to European ISPs.
The re-routing occurred because of a Border Gateway Protocol (BGP) leak at the Safe Host data centre in Switzerland, which resulted in over 70,000 routes being re-routed via the Chinese ISP rather than the traditional ones.
While BGP leaks do occur from time to time, China Telecom's failure to implement basic routing safeguards to prevent such leaks, or to remediate routing leaks quickly, resulted in so much European mobile traffic being re-routed through the ISP, and for over two hours when such leaks shouldn't last for more than a few minutes, said Doug Madory, director of Oracle's internet analysis division.
"Today's incident shows that the internet has not yet eradicated the problem of BGP route leaks. Two hours is a long time for a routing leak of this magnitude to stay in circulation, degrading global communications," he said.
The massive leak impacted a number of European ISPs such as KPN of the Netherlands, Swisscom of Switzerland, and Numericable-SFR and Bouygues Telecom of France. It also resulted in major reductions in Internet speeds for the duration of the leak.

China Telecom behind major outage in London last week

Reportedly, the route leak was also behind major network outages in London last Thursday that cut access to WhatsApp. Network monitoring company ThousandEyes had initially held a Cogent data centre in London responsible for the outage but later told FierceTelecom that China Telecom was responsible.
"What we can share now is that Cogent, like many service providers, accepted a route leak that originated from a Swiss colocation company called Safe Host and was propagated by China Telecom (a Cogent peer). Due to this route leak, China Telecom was inserted into the internet path for many services. Unfortunately, China Telecom either dropped the traffic or was suffering significant packet loss that impacted these services.
"In the case of WhatsApp, Cogent’s routers in London were the last hops in the internet path that handed off traffic to China Telecom. Our further analysis is showing that the likely source of the packet loss occurred in the connection between Cogent’s and China Telecom’s networks. Since we saw significant evidence of packet loss at other points in China Telecom’s network, it is likely that China Telecom was the provider that dropped the traffic," it said.

Copyright Lyonsdown Limited 2021
