Russian-Controlled Telecom Hijacks Traffic For Mastercard, Visa, And 22 Other Services

An anonymous reader quotes the security editor at Ars Technica: On Wednesday, large chunks of network traffic belonging to MasterCard, Visa, and more than two dozen other financial services companies were briefly routed through a Russian government-controlled telecom under unexplained circumstances that renew lingering questions about the trust and reliability of some of the most sensitive Internet communications.

Anomalies in the border gateway protocol -- which routes large-scale amounts of traffic among Internet backbones, ISPs, and other large networks -- are common and usually the result of human error. While it's possible Wednesday's five- to seven-minute hijack of 36 large network blocks may also have been inadvertent, the high concentration of technology and financial services companies affected made the incident "curious" to engineers at network monitoring service BGPmon. What's more, the way some of the affected networks were redirected indicated their underlying prefixes had been manually inserted into BGP tables, most likely by someone at Rostelecom, the Russian government-controlled telecom that improperly announced ownership of the blocks.

So?

[klingens]

I'm sure all the relevant important traffic for these sites was and is at least TLS encrypted, right? Right?

And it's not as if that espionage on banks isn't a totally normal thing:
https://www.wired.com/2017/04/...
http://www.spiegel.de/internat...
http://www.reuters.com/article...

Not just a few banks or lowly consumer creditcard companies, but SWIFT itself, the system that all banks use to transfer money around the globe. Not just traffic but actual inside data.
Not to mention a ton of routers inside various banks all over the middle east.

Re:So?

[klingens]

If the banking system uses the CA Network and CAs of consumer browsers as their web of trust, to secure financial transactions, then they need to be defrauded of every single penny they have so they can go bankrupt in the next 5 minutes hopefully. We'd all be better off, seriously.

Empahsis noted -- "Russian-controlled"

[bogaboga]

I wonder what the headline would have been if it were US entities doing the same thing; with no fact checking by main stream media.

Think about all the lies we've been fed on all this time...

Re: Empahsis noted -- "Russian-controlled"

They've done it before, go Google. Here's a piece from 2013, and funnily enough it's from rt.com.

https://www.rt.com/usa/mtm-renesys-redirect-internet-775/

Collection network leaking into prod network

Likely explanation:
  - rostelcom is running a collection network spying on these netblocks.
  - They use BGP within the collection network to limit what's collected and avoid DoSing themselves. BGP is a good protocol for custom stuff because it's simple to write and debug an endpoint, and it interoperates well.
  - Misconfiguration leaked collection net prefixes onto the public Internet.

If that's true, the collection is ongoing.

No news here: NSA is collecting the same and more of both these networks and Russian financial networks. Go back to sleep, sheeple.