Slashdot Mirror


Russian-Controlled Telecom Hijacks Traffic For Mastercard, Visa, And 22 Other Services (arstechnica.com)

An anonymous reader quotes the security editor at Ars Technica: On Wednesday, large chunks of network traffic belonging to MasterCard, Visa, and more than two dozen other financial services companies were briefly routed through a Russian government-controlled telecom under unexplained circumstances that renew lingering questions about the trust and reliability of some of the most sensitive Internet communications.

Anomalies in the border gateway protocol -- which routes large-scale amounts of traffic among Internet backbones, ISPs, and other large networks -- are common and usually the result of human error. While it's possible Wednesday's five- to seven-minute hijack of 36 large network blocks may also have been inadvertent, the high concentration of technology and financial services companies affected made the incident "curious" to engineers at network monitoring service BGPmon. What's more, the way some of the affected networks were redirected indicated their underlying prefixes had been manually inserted into BGP tables, most likely by someone at Rostelecom, the Russian government-controlled telecom that improperly announced ownership of the blocks.
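Added example (not from the Ars Technica article or BGPmon): one way a route monitor can flag announcements like those described above is to compare each announcement's origin AS against a baseline of expected origins, for both exact and more-specific prefixes, and then check whether one unexpected origin touches several owners at once. All prefixes, AS numbers, owner labels and timestamps below are constructed, using documentation ranges.

```python
import ipaddress
from collections import defaultdict

# Constructed baseline: prefix -> (expected origin AS, owner label).
# Documentation prefixes (RFC 5737) and documentation ASNs (RFC 5398).
BASELINE = {
    "192.0.2.0/24": (64496, "card-network-a"),
    "198.51.100.0/24": (64497, "card-network-b"),
    "203.0.113.0/24": (64498, "bank-c"),
}

# Constructed feed of observed announcements: (unix time, prefix, AS path).
UPDATES = [
    (1000, "192.0.2.0/24", [64510, 64496]),      # legitimate origin
    (1060, "192.0.2.0/25", [64510, 64500]),      # more-specific, new origin
    (1060, "198.51.100.0/24", [64510, 64500]),   # same prefix, new origin
    (1061, "203.0.113.128/25", [64511, 64500]),  # more-specific, new origin
    (1100, "203.0.113.0/24", [64511, 64498]),    # legitimate origin
]

def classify(prefix, as_path, baseline=BASELINE):
    """Return (verdict, owner) for one announcement against the baseline."""
    net = ipaddress.ip_network(prefix)
    origin = as_path[-1]  # the origin AS is the last hop in the path
    for base, (expected, owner) in baseline.items():
        base_net = ipaddress.ip_network(base)
        if net.version != base_net.version:
            continue
        if net == base_net:
            return ("ok" if origin == expected else "origin-mismatch", owner)
        if net.subnet_of(base_net):
            # A longer prefix wins route selection even while the real /24 stays up.
            return ("ok" if origin == expected else "more-specific-hijack", owner)
    return ("unmonitored", None)

def suspicious_origins(updates, min_owners=2):
    """Group flagged announcements by origin AS; keep origins hitting several owners."""
    hits = defaultdict(set)
    for _ts, prefix, path in updates:
        verdict, owner = classify(prefix, path)
        if verdict in ("origin-mismatch", "more-specific-hijack"):
            hits[path[-1]].add(owner)
    return {asn: sorted(o) for asn, o in hits.items() if len(o) >= min_owners}

if __name__ == "__main__":
    for ts, prefix, path in UPDATES:
        print(ts, prefix, "origin", path[-1], classify(prefix, path)[0])
    print(suspicious_origins(UPDATES))
```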

13 of 76 comments

  1. So? by klingens · · Score: 5, Insightful

    I'm sure all the relevant important traffic for these sites was and is at least TLS encrypted, right? Right?

    And it's not as if that espionage on banks isn't a totally normal thing:
    https://www.wired.com/2017/04/...
    http://www.spiegel.de/internat...
    http://www.reuters.com/article...

    Not just a few banks or lowly consumer credit card companies, but SWIFT itself, the system that all banks use to transfer money around the globe. Not just traffic but actual inside data.
    Not to mention a ton of routers inside various banks all over the Middle East.

    1. Re:So? by klingens · · Score: 3, Insightful

      If the banking system uses the CA Network and CAs of consumer browsers as their web of trust, to secure financial transactions, then they need to be defrauded of every single penny they have so they can go bankrupt in the next 5 minutes hopefully. We'd all be better off, seriously.

    2. Re:So? by arglebargle_xiv · · Score: 2

      I'm sure all the relevant important traffic for these sites was and is at least TLS encrypted, right? Right?

      Yep, but it was auth-only TLS because adding confidentiality protection creates too much overhead and banks mostly care about auth/integrity, not confidentiality.

  2. Emphasis noted -- "Russian-controlled" by bogaboga · · Score: 3, Insightful

    I wonder what the headline would have been if it were US entities doing the same thing; with no fact checking by mainstream media.

    Think about all the lies we've been fed all this time...

    1. Re: Emphasis noted -- "Russian-controlled" by Anonymous Coward · · Score: 3, Informative

      They've done it before, go Google. Here's a piece from 2013, and funnily enough it's from rt.com.

      https://www.rt.com/usa/mtm-renesys-redirect-internet-775/

    2. Re:Emphasis noted -- "Russian-controlled" by Anonymous Coward · · Score: 2, Insightful

      You know when you use phrases like "no fact checking by mainstream media" your entire argument is nullified by the fact it shows you to be a conspiracy theorist kook, right?

      The mainstream media are the ones who fact check - it's the non-mainstream media that has thrived on fake news. I don't know how that hasn't been obvious, but I guess you're just a contrarian retard who likes to pretend he's smarter than everyone by seeing the REAL story, rather than by, you know, actually being smart. Whatever floats your boat, but in the real world, you're still correctly perceived as really really dumb though.

      Why don't you fuck off to Russia if you think there's an equivalence between Russia and the US? I'll give you a hint: there isn't. The US is at least still just about an actual functioning democracy, with freedom of the press, and free speech, Russia is none of these things. If you want the press to be suppressed like in Russia then kindly fuck off there rather than trying to kill the press in the US with lies to bring it down to Russia's level of authoritarianism.

  3. 4 out of 30 are French by Anonymous Coward · · Score: 2, Interesting

    Is it also coincidence that 4 out of 30 are French?

    We got an election in France with Le Pen with very close ties to Russia.

    Did not Clinton lose thanks to Russian hackers that broke into her email?

    1. Re:4 out of 30 are French by Rockoon · · Score: 2

      Did not Clinton lose thanks to Russian hackers that broke into her email?

      Clinton lost because the Democrat party lost.
      The Democrat party lost because their leaders as a whole are the worst corporate tools that there has ever been.

      --
      "His name was James Damore."
    2. Re:4 out of 30 are French by Entrope · · Score: 2

      Yeah, swing states prove the electoral college is worthless. Rust Belt states like Pennsylvania, Michigan and Wisconsin are such safe Democratic strongholds that no presidential candidate with an (R) after their name should bother campaigning there.

    3. Re:4 out of 30 are French by jeff4747 · · Score: 2

      BTW, he did best in states where the electoral college, not collage, worked as designed.

      This, btw, is false.

      If the intention of the founders was to over-represent rural areas, then they would not have included the size of the House delegations in the number of Electoral College votes. Because it doesn't make any sense to have the difference in Electoral College vote size based on population if your intention was to represent states.

      What's going on is an artifact of the size of the House, and the fact that we have not expanded the number of House members since the early 1900s.

      It appears the founders intended the House to have one representative per 100,000 people, as evidenced by the amendment they wrote about it. That amendment has an amusing history featuring things like a ratification literally lost in the mail, so it's not part of the Constitution. But it provides a window into what the framers were thinking.

      Anyway, if we had kept up with that formula, or kept up with the ~200,000 per seat when the House reached 435 members in the 1910s, then we'd have LOTS more House members today (about 1,600 at 200k/district) and an Electoral College that looked a lot more like the popular vote.

      But we stopped expanding the House at 435 seats for various reasons (some good, some sinister). So districts in populous states have a ton of people in them. CA has 53 districts, so they've got around 740,000 people per district if you assume equal population size. WY's one district has 586,000 people in it. Use that 200k/district rule and WY gets about two House districts, and CA gets about 196. Yielding 4 Electoral votes for WY, and 198 for CA.

    4. Re: 4 out of 30 are French by SuricouRaven · · Score: 2

      I think a lot of people saw the election as "Douche v Asshole."

  4. The U.S. does this regularly by Anonymous Coward · · Score: 2, Interesting

    in addition to all other spying on the world, but of course we're not allowed to talk about that. If something like this happens, most likely accidentally, then all the shit-outlets on the Internet are quick to blow it up and point fingers.

  5. Collection network leaking into prod network by Anonymous Coward · · Score: 3, Insightful

    Likely explanation:
      - Rostelecom is running a collection network spying on these netblocks.
      - They use BGP within the collection network to limit what's collected and avoid DoSing themselves. BGP is a good protocol for custom stuff because it's simple to write and debug an endpoint, and it interoperates well.
      - Misconfiguration leaked collection net prefixes onto the public Internet.

    If that's true, the collection is ongoing.

    No news here: NSA is collecting the same and more of both these networks and Russian financial networks. Go back to sleep, sheeple.