Slashdot Mirror

← Back to Stories (view on slashdot.org)

Russian-Controlled Telecom Hijacks Traffic For Mastercard, Visa, And 22 Other Services (arstechnica.com)

Posted by EditorDavid on from the benign-BGP? dept.

An anonymous reader quotes the security editor at Ars Technica: On Wednesday, large chunks of network traffic belonging to MasterCard, Visa, and more than two dozen other financial services companies were briefly routed through a Russian government-controlled telecom under unexplained circumstances that renew lingering questions about the trust and reliability of some of the most sensitive Internet communications.

Anomalies in the border gateway protocol -- which routes large-scale amounts of traffic among Internet backbones, ISPs, and other large networks -- are common and usually the result of human error. While it's possible Wednesday's five- to seven-minute hijack of 36 large network blocks may also have been inadvertent, the high concentration of technology and financial services companies affected made the incident "curious" to engineers at network monitoring service BGPmon. What's more, the way some of the affected networks were redirected indicated their underlying prefixes had been manually inserted into BGP tables, most likely by someone at Rostelecom, the Russian government-controlled telecom that improperly announced ownership of the blocks.

6 of 76 comments (clear)

  1. So? by klingens · · Score: 5, Insightful

    I'm sure all the relevant important traffic for these sites was and is at least TLS encrypted, right? Right?

    And it's not as if that espionage on banks isn't a totally normal thing:
    https://www.wired.com/2017/04/...
    http://www.spiegel.de/internat...
    http://www.reuters.com/article...

    Not just a few banks or lowly consumer creditcard companies, but SWIFT itself, the system that all banks use to transfer money around the globe. Not just traffic but actual inside data.
    Not to mention a ton of routers inside various banks all over the middle east.

    1. Re:So? by klingens · · Score: 3, Insightful

      If the banking system uses the CA Network and CAs of consumer browsers as their web of trust, to secure financial transactions, then they need to be defrauded of every single penny they have so they can go bankrupt in the next 5 minutes hopefully. We'd all be better off, seriously.

  2. Empahsis noted -- "Russian-controlled" by bogaboga · · Score: 3, Insightful

    I wonder what the headline would have been if it were US entities doing the same thing; with no fact checking by main stream media.

    Think about all the lies we've been fed on all this time...

    1. Re:Empahsis noted -- "Russian-controlled" by Anonymous Coward · · Score: 2, Insightful

      You know when you use phrases like "no fact checking by main stream media" your entire argument is nullified by the fact it shows you be a conspiracy theorist kook right?

      The mainstream media are the ones who fact check - it's the non-mainstream media that has thrived on fake news. I don't know how that hasn't been obvious, but I guess you're just a contrarian retard who likes to pretend his smarter than everyone by seeing the REAL story, rather than by, you know, actually being smart. Whatever floats your boat, but in the real world, you're still correctly perceived as really really dumb though.

      Why don't you fuck off to Russia if you think there's an equivalence between Russia and the US? I'll give you a hint: there isn't. The US is at least still just about an actual functioning democracy, with freedom of the press, and free speech, Russia is none of these things. If you want the press to be suppressed like in Russia then kindly fuck off there rather than trying to kill the press in the US with lies to bring it down to Russia's level of authoritarianism.

  3. Re:4 out of 30 are French by rholtzjr · · Score: 1, Insightful

    So I am taking they would have taken the same stance on the Dewey - Truman election as well. They would have expressed such vitriol in that day and age where one would accept the loss and move on and ensure to do better the next time.

    Honestly, I believe that we are fortunate to have documented proof of what most only had suspicions of in regarding how these people (e.g. career politicians) operate. I am still waiting for the Congressional Term Limits to at least be talked about. I would LOVE to see this at least being discussed and the reason why they will reject it (and you know they will).

    BTW, he did best in states where the electoral college, not collage, worked as designed. If you keep believing that major metropolitan areas have more say in the direction of this country, you will be continually disappointed.

  4. Collection network leaking into prod network by Anonymous Coward · · Score: 3, Insightful

    Likely explanation:
      - rostelcom is running a collection network spying on these netblocks.
      - They use BGP within the collection network to limit what's collected and avoid DoSing themselves. BGP is a good protocol for custom stuff because it's simple to write and debug an endpoint, and it interoperates well.
      - Misconfiguration leaked collection net prefixes onto the public Internet.

    If that's true, the collection is ongoing.

    No news here: NSA is collecting the same and more of both these networks and Russian financial networks. Go back to sleep, sheeple.