Internet Traffic To Major Tech Firms Mysteriously Rerouted To Russia (securityweek.com)

← Back to Stories (view on slashdot.org)

Internet Traffic To Major Tech Firms Mysteriously Rerouted To Russia (securityweek.com)

Posted by msmash on Thursday December 14, 2017 @05:46AM from the weird-happenstance dept.

wiredmikey writes: Internet traffic to some of the world's largest tech firms was briefly rerouted to Russia earlier this week in what appeared to be a Border Gateway Protocol (BGP) attack. Internet monitoring service BGPmon noticed that 80 IP prefixes for organizations such as Google, Microsoft, Apple, Facebook, NTT Communications, Twitch and Riot Games had been announced by a Russian Autonomous System (AS).

It happened twice on Tuesday and each time it only lasted for roughly three minutes. The first event took place between 04:43 and 04:46 UTC, and the second between 07:07 and 07:10 UTC. Despite being short-lived, BGPmon said the incidents were significant, including due to the fact that the announcements were picked up by several peers and some large ISPs, such as Hurricane Electric and Zayo in the U.S., Telstra in Australia, and NORDUnet, which is a joint project of several Nordic countries. The incident is rather suspicious, as the prefixes that were affected are all high profile destinations, as well as several more specific prefixes that aren't normally seen on the Internet.

59 of 106 comments (clear)

Min score:

Reason:

Sort:

MitM attacks by Rick+Schumann · 2017-12-14 05:51 · Score: 5, Interesting

Seems to me you can complete quite a few MitM attacks in three minutes. Wonder how many people were compromised and/or how many websites were compromised? Or was this just a 'dry run' for a larger attack? Guess we won't know until the other shoe drops.
1. Re:MitM attacks by Anonymous Coward · 2017-12-14 17:34 · Score: 1
  
  Im safe, I use kaspersky!
  CAPTCHA: cleaned
Russia is a Problem by ohnocitizen · 2017-12-14 05:51 · Score: 1, Offtopic

Their hostile behavior is only getting worse, and we can either bury our heads in the sand and allow their puppet Trump to avoid doing anything to deal with the threat they represent, or we can get adults into the government in 2018 and take this country back!
1. Re:Russia is a Problem by Rick+Schumann · 2017-12-14 05:53 · Score: 1, Insightful
  
  Eh, give Mueller a chance, he's just starting to build up momentum. Just cross your fingers that we don't end up with Pence as POTUS, that'd be much worse than you imagine.
2. Re:Russia is a Problem by um...+Lucas · 2017-12-14 05:57 · Score: 2, Informative
  
  If we have someone if office that broke the law, we shouldn't leave them in out of fear that their successor's policies are worse. That makes it even more political. If they did something wrong, they did something wrong, that's it. Not "it's illegal, but we'll selectively not enforce the law because..."
3. Re:Russia is a Problem by irving47 · 2017-12-14 06:00 · Score: 1
  
  "Let's hope he gets rid of Trump for us, but let's keep our fingers crossed he doesn't, because the replacement would be worse.."
  Well that's really clever.
  
  --
  I had a sucky sig.
4. Re:Russia is a Problem by Rick+Schumann · 2017-12-14 06:04 · Score: 1, Interesting
  
  Not suggesting that. If Mueller discovers there was in fact collusion and therefore Trump can't legitimately be POTUS, I'd hope that they'd throw out his entire cabinet and force a special election. It'd be a huge mess but it'd be better than Pence as POTUS, at least in the long run. Problem is there's no precedent for any of that, so who knows how it'd be handled? With the GOP still holding a majority in Congress, they'd fight as hard as they possibly could to keep Pence around -- which would be far, far worse for the country than Trump has been, in ways I don't even want to think about (spoiler: Pence is a Dominionist). Also it may take another year or two for Mueller's investigation to come to it's conclusion. Most likely scenario is the Trump Administration doesn't do much of anything for 4 years, the GOP keeps fighting with itself for 4 years, and in 2020 we end up with a Democrat back in the Whitehouse and the GOP back in the minority, as the needle swings back towards the left, as everyone realizes what a gigantic mistake and disaster their choices in 2016 were.
5. Re:Russia is a Problem by jellomizer · 2017-12-14 06:09 · Score: 2, Informative
  
  I have more faith that Pence will be working towards are national interests vs Trump who is out for Trump.
  I much rather be displeased about the choice the President Made, vs Scared of the choice the President had made.
  
  --
  If something is so important that you feel the need to post it on the internet... It probably isn't that important.
6. Re:Russia is a Problem by hackwrench · 2017-12-14 06:10 · Score: 2
  
  The Constitution has provisions to handle this unfortunately and if Mike Pence isn't impeached as well, he's in and there's a pecking order as to who gets in determined as well if I recall correctly.
7. Re:Russia is a Problem by Anonymous Coward · 2017-12-14 06:13 · Score: 1
  
  If Trump is found to be illegally elected then Pence is too.
8. Re:Russia is a Problem by jellomizer · 2017-12-14 06:20 · Score: 1
  
  If President is impeached the job goes to VP.
  Now if Pence is part of such collusion chances are he would get fired first, because Mueller is following a normal methodology for tracking down gang. Starting at the bottom giving some deals to the low level offenders and working their way up.
  
  --
  If something is so important that you feel the need to post it on the internet... It probably isn't that important.
9. Re:Russia is a Problem by fahrbot-bot · 2017-12-14 06:43 · Score: 4, Informative
  The Constitution has provisions to handle this unfortunately and if Mike Pence isn't impeached as well, he's in and there's a pecking order as to who gets in determined as well if I recall correctly.
  Wikipedia has the current line of Presidential Succession:
  
  1 Vice President - Mike Pence (R)
  
  2 Speaker of the House of Representatives - Paul Ryan (R)
  
  3 President pro tempore of the Senate - Orrin Hatch (R)
  
  4 Secretary of State - Rex Tillerson (R)
  
  5 Secretary of the Treasury - Steven Mnuchin (R)
  
  6 Secretary of Defense - Jim Mattis (I)
  
  7 Attorney General - Jeff Sessions (R)
  
  8 Secretary of the Interior - Ryan Zinke (R)
  
  9 Secretary of Agriculture - Sonny Perdue (R)
  
  10 Secretary of Commerce - Wilbur Ross (R)
  
  11 Secretary of Labor - Alex Acosta (R)
  
  12 Secretary of Health and Human Services - Eric Hargan (R) Acting
  
  13 Secretary of Housing and Urban Development - Ben Carson (R)
  
  – Secretary of Transportation - Elaine Chao (R) [ ineligible, not natural-born US citizen ]
  
  14 Secretary of Energy - Rick Perry (R)
  
  15 Secretary of Education - Betsy DeVos (R)
  
  16 Secretary of Veterans Affairs - David Shulkin (I)
  
  17 Secretary of Homeland Security - Kirstjen Nielsen (I)
  
  See *anyone* in there you'd really like to see as President?
  --
  It must have been something you assimilated. . . .
10. Re:Russia is a Problem by ShanghaiBill · 2017-12-14 06:48 · Score: 1
  
  Now if Pence is part of such collusion ...
  Evidence suggests he was not. He was never part of Donald's inner circle. Mike Flynn was fired for lying to Pence. If Pence was "in on it", Flynn wouldn't have lied, and Pence wouldn't have been asking.
  Pence would be worse on social issues, but he would likely be better on foreign policy, and economic management.
11. Re:Russia is a Problem by ahodgson · 2017-12-14 06:56 · Score: 1
  
  Mattis. I'd take a Marine Corp general over any politician.
12. Re:Russia is a Problem by jbengt · 2017-12-14 07:07 · Score: 1
  
  Mike Flynn was fired for lying to Pence. If Pence was "in on it", Flynn wouldn't have lied, and Pence wouldn't have been asking.
  You're assuming that the reason given for firing Flynn wasn't just an excuse. There's evidence that Pence, among others on the transition team that Pence was in charge of, knew about Flynn's activities before Flynn "lied to Pence".
  
  Pence would be worse on social issues, but he would likely be better on foreign policy, and economic management.
  On those points I agree.
13. Re:Russia is a Problem by bobbied · 2017-12-14 07:07 · Score: 2
  
  Not suggesting that. If Mueller discovers there was in fact collusion and therefore Trump can't legitimately be POTUS, I'd hope that they'd throw out his entire cabinet and force a special election.
  You cannot be serious.. A "Special election"?
  We are a nation of laws and the whole thing starts with the US Constitution which addresses how it works when the office of president is vacant and it's NOT by special election. The office goes to the Vice-president who then appoints a new VP of his/her choice. Should BOTH the President and Vice-president be incapacitated at the same time, the office would fall to the speaker of the house, right now that would be Paul Ryan... There is a whole list of who gets the office in the case where all the previous people are unavailable but we've never had to go past VP at this point.
  Assuming "Rick" is a US citizen, I'm shaking my heat wondering what kind of school he went too which seems to have omitted any discussions about the US constitution because his education is sorely lacking, painfully so. A "special election" ? Now that's sad.
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
14. Re:Russia is a Problem by AlanObject · 2017-12-14 07:13 · Score: 2
  
  If Trump is found to be illegally elected then Pence is too.
  There is going to be no finding of Trump being elected illegally. The moment that Hillary conceded the election, as did Al Gore before her, the result was final and legal no matter how "crooked" or "influenced" it was.
15. Re:Russia is a Problem by bobbied · 2017-12-14 07:13 · Score: 1
  
  If Trump is found to be illegally elected then Pence is too.
  Trump was legally elected. The results have been certified by all the states, the Electoral college have voted and the results legally reported to congress from the states. There is no going back, regardless of how this came about. It's history, it cannot be changed now.
  Apart from death, incapacitation, resignation or impeachment, Trump and Pence are in office until noon, January 20, 2021, or 2025 should they win their second election in 2024.
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
16. Re:Russia is a Problem by tsqr · 2017-12-14 07:20 · Score: 1
  
  If Trump is found to be illegally elected then Pence is too.
  If Trump is found to have colluded with Russia in an effort to influence the election, then he will be impeached for that crime. He will not be impeached for "being illegally elected", whatever that might mean. Then Pence will become president, in accordance with the established succession rules. There is no legal mechanism for declaring the election null and void.
17. Re:Russia is a Problem by fahrbot-bot · 2017-12-14 07:21 · Score: 1
  
  Mattis. I'd take a Marine Corp general over any politician.
  Unfortunately, he's in line *after* Secretary of the Treasury "we have over 100 people working overtime for months to produce a 1 page 'analysis' of the Republican Tax Plan - that supports everything" Steven Mnuchin and his wife, Bond villain Louise Linton.
  
  --
  It must have been something you assimilated. . . .
18. Re:Russia is a Problem by Rick+Schumann · 2017-12-14 07:22 · Score: 1
  
  You're probably right. And he'd likely be out in 2020 anyway. Of course it'll take a decade at least to repair all the damage done thusfar regardless.
19. Re:Russia is a Problem by FatdogHaiku · 2017-12-14 07:52 · Score: 1
  
  ...The office goes to the Vice-president who then appoints a new VP of his/her choice....
  The new VP would need a confirmation by a majority vote of both Houses of Congress... Election 2018 looking more important all the time, for both parties.
  Amendment 25 part 2
  
  --
  You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
20. Re:Russia is a Problem by stonecypher · 2017-12-14 08:12 · Score: 1
  
  Consider looking into other military presidents, such as Ulysses S Grant
  
  --
  StoneCypher is Full of BS
21. Re:Russia is a Problem by Rob+Y. · 2017-12-14 08:36 · Score: 1
  
  Does the Constitution address what should be done if the results of an election are tainted? Is impeaching the President and Vice President and following the chain of succession from there the best we have - or is it undefined how you deal with an invalidated election process?
  
  --
  Posted from my Android phone. Oh, I can change this? There, that's better...
22. Re:Russia is a Problem by bobbied · 2017-12-14 08:44 · Score: 2
  
  True, but the president appoints and a majority of congress approves or not. Pence would get his choice because I doubt the democrats would want to be seen turning his choice down just for spite, and it would be just for spite.
  I suppose it would depend on the circumstances of Pence taking power though. IF Trump is forced out (impeached/convicted or resigns under duress) the democrats would be stupid to be seen bashing Pence after bashing Trump. I can see the voters getting really tired of the partisan game playing by then. If Trump is incapacitated or dies in office, the sympathy factor will preclude democrats wanting to be seen as bashing Pence.
  I don't see impeachment/conviction being even remotely possible regardless of what 2018 brings us in the house. You might manage to float it though the house after 2018 but It's far from sure democrats will take the house back. (I'm betting not). If you do manage to get articles of impeachment though the house I doubt Trump will resign under democratic pressure, doesn't seem to be his style. The Senate won't vote to convict regardless of what happens in 2018 (it takes 2/3rds you know). So Trump remains president though January 20, 2021.
  But I have a question... What would be the "high crimes and misdemeanors" in this hypothetical impeachment? I cannot seem to come up with anything that's plausible and serious enough to warrant what you trying to do here. Just because folks like to yell "Impeach 45" at campaign rallies doesn't make it possible or advisable...
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
23. Re:Russia is a Problem by bobbied · 2017-12-14 09:04 · Score: 1
  
  What on earth are you talking about? There is no such thing as a "tainted" election, the votes are counted and certified in each state, electors appointed and they cast their votes which is reported to congress. Congress accepts the report from each state for how their electors voted, breaks any ties and certifies the election and we have a president elect. You don't go back at this point, regardless of what happened before, it's done and not reversible.
  So, why the question about tainted elections? Do you think there was something amiss in an election or something? Which election and what do you suppose happened? I will tell you that if you claim an election was "tainted" it better be something significant, not just some alleged activity for which no proof can be found or you are engaging in some seriously dangerous behavior for this country.
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
24. Re: Russia is a Problem by aliquis · 2017-12-14 11:10 · Score: 1
  
  Go Mattis.
  Free and save Europe.
25. Re:Russia is a Problem by liquid_schwartz · 2017-12-14 12:01 · Score: 1
  
  If we have someone if office that broke the law, we shouldn't leave them in out of fear that their successor's policies are worse. That makes it even more political. If they did something wrong, they did something wrong, that's it. Not "it's illegal, but we'll selectively not enforce the law because..."
  This is akin to how most voting is less about being for something good and mostly about how bad the other person is. A "None of the above" option would fix this but so far nobody has tried it. It's pretty simple, if "None of the above" wins (or if you really want a good system gets in the top 2) then the existing candidates are barred from re-running for that office and a new election is held in the near future. "None of the Above" would have easily beaten both Hillary and Trump in 2016.
26. Re:Russia is a Problem by liquid_schwartz · 2017-12-14 12:06 · Score: 1
  
  You're probably right. And he'd likely be out in 2020 anyway. Of course it'll take a decade at least to repair all the damage done thusfar regardless.
  Probably more than a decade. Consider that we've had *many* years of poor leadership. Trump is off to a poor start. Obama was a divisive joke. Bush was pathetic too. You have to go back to Bill Clinton to get anything halfway decent. I think you have to go back as far as Eisenhower to get something really good.
27. Re: Russia is a Problem by Brockmire · 2017-12-14 12:19 · Score: 1
  
  The American banks have colluded on aluminum price fixing in the past. The suits got tossed, but I recall reading an analysis of the shell companies, the late orders, moving metals from one place to another and back, etc, it was pretty clear they were in the wrong and controlling pricing.
28. Re:Russia is a Problem by Ol+Olsoc · 2017-12-14 16:47 · Score: 1
  
  See *anyone* in there you'd really like to see as President?
  I vote the moo cow guy. Whatever happened to him anyhow, I really liked him.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
29. Re:Russia is a Problem by dave420 · 2017-12-14 20:26 · Score: 1
  
  I 'member!
30. Re:Russia is a Problem by Rob+Y. · 2017-12-15 03:39 · Score: 1
  
  Well, by 'tainted', I suppose I mean if the Russians had really hacked either voting machines - or tampered with voter registration rolls. Not saying that happened - just asking what the Constitution would have to say about it if it did...
  And I guess if the Trump campaign had actually participated in crimes - like the email hacking itself - or the dissemination of the hacked material, that might count as 'tainted', no?
  
  --
  Posted from my Android phone. Oh, I can change this? There, that's better...
31. Re:Russia is a Problem by bobbied · 2017-12-15 04:55 · Score: 1
  
  Your description of "tainted" then involves the states, not the federal government. Once the results are certified by the state, those are the results from that state. You do recall all the bantering back when Al Gore lost to Bush right? The issue was the same kind of thing. The certified vote count from the state comes from the state's process. So if somebody is altering vote counts, the states are responsible for dealing with it before they certify their results.
  The campaign or individuals on the campaign? Campaigns don't do crimes, individuals do. Such hypothetical crimes are for individuals to answer for, but don't change the election. The votes cast are the votes cast. That's how the outcome of the election is determined regardless.
  Politically there may be hell to pay for stuff done during a campaign or for a party (Watergate anyone?) but the election is not vacated. The law doesn't go back and let you re-do the vote because in this country the vote count is the vote count and the winner is the winner. So, there is no way to go back to Jan 20, 2017 and put HRC in the Whitehouse, if that's what you want, nor can you impeach Trump and have HRC take office in his place even if you caught Trump dead to rights red handed cheating.
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
32. Re:Russia is a Problem by sjames · 2017-12-16 04:34 · Score: 1
  
  OTOH, it would be a Pence that knows the president can and will be hauled off in disgrace if necessary and a GOP that knows they're facing a really tough election soon. How anxious will they be to support the tattered remains of the Trump administration?
  If they're smart, they may want to ask themselves that now.
33. Re:Russia is a Problem by ahodgson · 2017-12-19 13:40 · Score: 1
  
  Like Eisenhower? Or Kennedy? OK.
IPv6 by ISoldat53 · 2017-12-14 05:51 · Score: 1

One article I read said this traffic was using IPv4. I'm not an engineer but how would using IPv6 have affected this problem? Are blocks assigned the same way in IPv6 as in 4? Wouldn't it make it harder to target a particular block?
1. Re:IPv6 by Verdatum · 2017-12-14 06:44 · Score: 2
  
  The routing tables used for IPv6 are different, but there's no added feature in IPv6 that would protect from a BGP attack or accidental misconfiguration.
beta test by Anonymous Coward · 2017-12-14 05:55 · Score: 1

Combine this news with Russia's desire to create "their own Internet" https://www.theregister.co.uk/2017/12/01/russia_own_internet/ and I'd call this a beta test. :-(
1. Re:beta test by temcat · 2017-12-14 12:08 · Score: 1
  
  FWIW, as someone who lives in Russia, I would say that one of the most important goals for the thugs and crooks in power here is now the ability to effectively disable arbitrary parts or mechanisms of the Internet for the whole country while making sure that certain critical stuff works, even if it relies on those parts and mechanisms. (I may however be talking out of my ass in terms of understanding how Internet works, so sorry if that is the case.)
BGP vs. Root name servers? by irving47 · 2017-12-14 05:59 · Score: 4, Interesting

I don't know the relationship (if any) between the two, but is it just coincidence this is happening less than a month after this:
https://uawire.org/russia-offers-to-deploy-root-name-servers-in-brics-countries
Also, is this something that can be attributed to the 'handing over' of certain services from the US to the UN?

--
I had a sucky sig.
1. Re:BGP vs. Root name servers? by Freischutz · 2017-12-14 06:33 · Score: 1
  
  I don't know the relationship (if any) between the two, but is it just coincidence this is happening less than a month after this: https://uawire.org/russia-offe...
  Also, is this something that can be attributed to the 'handing over' of certain services from the US to the UN?
  It is. The first thing the UN decided to do when they got control of those services was to redirect all the "Herbal Viagra" and "Penis Enlargement" junk mails to Russia, specifically the address: vladimir.putin@kremlin.ru.
2. Re:BGP vs. Root name servers? by dissy · 2017-12-14 06:58 · Score: 3, Informative
  
  BGP vs. Root name servers?
  I don't know the relationship (if any) between the two, but is it just coincidence this is happening less than a month after this:
  No direct relationship, other than DNS servers like all servers have an IP address, and the backbone routers need to know how to get your traffic to said IP.
  BGP is how the backbone knows where to send packets to get to the destination.
  Normally if you try to go to say Googles web server, the BGP tables list Googles IP space and point to the backbone routers that directly connect (peer) with Googles routers.
  In cases of hijacking like this, Russia updated those route tables to say Google is directly connected to one of their own routers, so any packets you send to a Google IP end up going to Russia first.
  Then they can do whatever they want, like record it and then pass the packets back to the routers originally listed in BGP before the hijack.
  Root DNS servers would be similar, although there are many root DNS servers around the world and any lookups you make tend to semi-randomly pick one from the list for each query.
  Another quirk with the root servers is how they are distributed and that they use a logical/physical separation, primarily to be extremely efficient but it can help in cases like this too.
  There are 13 "logical" root servers, named with the letters A to M, each for the most part under the control of a different organization/entity.
  However for any one of those logical names, there can be many physical servers that answer for it.
  They also don't use unicast IP addressing like nearly every server you're used to, but a type of addressing called anycast.
  So for example, the "A" server is run by Verisign (from back when they were Internic), and the "E" server is run by NASA.
  But "A" actually points to many physical servers distributed around the US.
  Anycast provides one IP for each of those many separated servers, and that IP is actually answered by many different networks and ISPs, each having many redundant physical servers to distribute the load over.
  Which cluster of servers you get mainly depends on which of those networks is closest to you on the network. So you querying the anycast IP on the west coast will have completely different networks and servers responding than if I queried that same IP on the east cost.
  That makes it pretty difficult to hijack in a useful way, and to hijack enough of those routes and servers in a physical area on a single anycast IP, let alone more than one of the server clusters, and let alone again more than one "letter" designated root.
3. Re:BGP vs. Root name servers? by DrStrangluv · 2017-12-14 09:20 · Score: 1
  
  I worry more about this in combination with the Russian government's influence over any certificate authorities located in the country that may be trusted by default by major operating systems and browsers.
Re:Don't worry, Moscow Donald is on it! by HiThere · 2017-12-14 06:14 · Score: 1, Insightful

I'm not sure that he is subservient to Putin. I suspect that he helps Russia commit crimes in the US not because he's a traitor, but rather because he gets flattered or bribed. That doesn't mean he isn't a traitor in common usage, though not within the definition given by the US Constitution. It just means that being a traitor isn't why he does that, it's doing that that makes him a traitor.

--

I think we've pushed this "anyone can grow up to be president" thing too far.
Any other reported activity? by weeboo0104 · 2017-12-14 06:24 · Score: 1

It may be a coincidence, but the Tenable Network Security forums seemed to get hit on Tuesday by something. For about an hour, our account got hit with a string of forum responses from Tenable. Then it just stopped. I'm thinking that maybe if you replied to the forum message via email, it didn't go back to Tenable?

--
It is easier to build strong children than to repair broken men. -Frederick Douglass
Testing, testing... by bradley13 · 2017-12-14 06:29 · Score: 1

Testing for exactly what, well...

--
Enjoy life! This is not a dress rehearsal.
Better title: by Orgasmatron · 2017-12-14 06:32 · Score: 5, Insightful

A better title for the story: Major internet routers still inexplicably accepting unauthenticated BGP announcements

--
See that "Preview" button?
1. Re:Better title: by Anonymous Coward · 2017-12-14 14:20 · Score: 1
  
  It's perfectly explainable. There is still, in 2017, not a viable solution for authenticating BGP routes between major carriers.
HereCometheBRICs by sdinfoserv · 2017-12-14 06:38 · Score: 1

The BRIC nations (Russia, Brazil, China, India & South Africa) are building their own backup global DNS system.
https://www.bleepingcomputer.c...
My guess is that it's on track sooner than expected and it's likely more than the purported "backup". Especially with asshat, cabal owned, Pai killing Net Neutrality today, nobody trusts the US, nor should they. The routing should be taken as a precursor.
Bitcoin theft? by eth1 · 2017-12-14 06:44 · Score: 1, Interesting

Any bets on this being a dry run for a BGP attack used to steal bitcoin?
1. Re:Bitcoin theft? by thygate · 2017-12-14 11:27 · Score: 1
  
  MITM SSL attacks to steal your exchange creds ?
A message? by RhettLivingston · 2017-12-14 07:11 · Score: 1

I wonder if there is something previously considered secret in common about some of the addresses. We'd probably never know if some or all were key points of some government cyber collection or war system, but someone would be having a very, very bad day if they were.
Re:No excuse for this by bobbied · 2017-12-14 07:18 · Score: 1

Exactly this.
This was my first thought... Who accepts route changes from people you don't trust? I suppose *somebody* did this and everybody who trusted them fell in line, but I'd yank who ever sent me such changes out of my trusted list regardless of who they where...

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Anyone get suspicious Facebook logins recently? by ShamblerBishop · 2017-12-14 08:46 · Score: 2

I have a throwaway Facebook account, with a deliberately useless password (easy to recover even with hash+salt) - and it was logged into yesterday from Brazil of all places. Unless Facebook allows unlimited attempts at password logins, before notifying users of failed login attempts, then nobody has tried to login to my account before - and this person appears to have gotten in first-time... So, wonder if my account as MITM'd during a BGP reroute - I didn't login since Monday or before, though.
Re: Nuke Russia by sabri · 2017-12-14 10:48 · Score: 1

Can we nuke Russia already for these high crimes?
What makes you think any Russian citizen is involved? They could be a victim as much as the companies who owned the hijacked subnets.

All we know at this time is that an AS number assigned to a Russian entity was used. Anyone can configure that on their router, just as I can send a threatening letter with your return address on the envelope.

--
I'm not a complete idiot... Some parts are missing.
Re: Nuke Russia by nazsco · 2017-12-14 16:34 · Score: 1

I think they were talking about the network being in Russia has nothing to do with a russian citizen or government being involved.
it is much easier to rent/compromise computers and run a flase flag than it is to move thousands of troops or expensive military equipment for a flase flag operation in the "old military economy"
Re: Nuke Russia by Ol+Olsoc · 2017-12-14 16:45 · Score: 1

I think they were talking about the network being in Russia has nothing to do with a russian citizen or government being involved.
it is much easier to rent/compromise computers and run a flase flag than it is to move thousands of troops or expensive military equipment for a flase flag operation in the "old military economy"
If it came fmor outside Russia, it wasn't Russia. If it came from inside Russia, it wasn't Russia. The No True Russia argument.

--
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
Re:No excuse for this by sjames · 2017-12-16 05:04 · Score: 1

Keep in mind that BGP is an automated process. After the fact, rules may be added to limit trust, but that doesn't prevent the initial problem.
Also keep in mind that in many cases, BGP is the only way you know anything about the routes. All you have is that router A says it has a 5 hop route to range X and router B says it has a 4 hop route to the same range. Neither A nor B is directly connected to the range in question and both are also depending on BGP.
The stability of BGP currently depends on the lower level routers having rules to enforce some level of plausibility but at the level of an exchange, there are a lot ofseemingly plausible routes that would be incorrect. It will take a good bit of analysis to come up with mostly good plausibility rules there.
Given what has just happened, it may be necessary to limit routes to Russia to a few choke points that are configured to only accept routes to IPs associated with Russia from Russian routers, but it would take a world-wide effort to really lock that down.