Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nigerian Firm Takes Blame For Routing Google Traffic Through China (reuters.com)

Posted by BeauHD on from the whoops-a-daisy dept.

Earlier today, it was reported that Google suffered a brief outage on Monday that pushed some of its traffic through networks in Russia, China, and Nigeria. Soon after Google said it would conduct an investigation, Nigeria's Main One Cable Company fessed up to the incident. According to Reuters, the company says it "accidentally caused the problem during a network upgrade." From the report: Main One said in an email that it had caused a 74-minute glitch by misconfiguring a border gateway protocol filter used to route traffic across the internet. That resulted in some Google traffic being sent through Main One partner China Telecom, the West African firm said. Even though Main One said it was to blame, some security experts said the incident highlighted concerns about the potential for hackers to conduct espionage or disrupt communications by exploiting known vulnerabilities in the way traffic is routed over the internet. Main One, which describes itself as a leading provider of telecom and network services for businesses in West Africa, said that it had investigated the matter and implemented new processes to prevent it from happening again.

24 of 56 comments (clear)

  1. Nigerian scam!? by darkain · · Score: 1

    Nigerian scam!?

    1. Re:Nigerian scam!? by cayenne8 · · Score: 1

      First thing came to my mind, with their reputation, WTF does any type of high level routing or anything concerning internet traffic have Nigerian control???

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    2. Re:Nigerian scam!? by GerryGilmore · · Score: 2

      The way that it works in BGP-Land is that once you are designated an "Autonomous System" and assigned a AS number (kinda like having an SS7 ID in telecom land), you can update all of the other BGP routers around the world. It's the only way for the internet to function today. Not that it doesn't need additional security, but....

    3. Re:Nigerian scam!? by msauve · · Score: 1

      BGP was built based on trust relationships, long before there were Nigerian princes on the Internet.

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    4. Re:Nigerian scam!? by ravenshrike · · Score: 1

      The real question in this case would be who is holding the majority of Main One's debt. They were leveraged to the hilt in 2011, and since they were planning on raising another 300 million in 2015 I imagine that's still very much the case.

    5. Re:Nigerian scam!? by StormReaver · · Score: 1, Redundant

      I had misread, "Nigeria's Main One Cable Company" as, "Nigeria's One Man Cable Company," which, frankly, would have made more sense.

  2. Any connections? by andydread · · Score: 1

    Hmmm Does China Telecom own a stake in Main One?

    1. Re:Any connections? by mcl630 · · Score: 3, Informative

      First, the answer to OP's question is no, China Telecom has no stake in Main One. Second, your statement about indebted nations makes no sense, Nigeria has a very, very low debt-to-GDP ratio, they haven't been an "indebted nation" since the late 1980s. Read up a little before replying about something you know nothing about.

    2. Re:Any connections? by mcl630 · · Score: 1

      No, they do not.

    3. Re:Any connections? by cheesybagel · · Score: 1

      Yeah no shit. Nigeria has oil & gas fields. Even with all the corruption and graft it's not like the country does not have money in it. It's just that it is mostly concentrated at the top.

  3. Secure BGP by cigawoot · · Score: 4, Insightful

    We really need to figure out a way to secure BGP announcements.

    1. Re:Secure BGP by geekmux · · Score: 1

      We really need to figure out a way to secure BGP announcements.

      Wrong.

      We really need a way to figure out a solution instead of bitching about the same problem for fifteen fucking years.

      This is like bitching about WEP security in 2018. We kind of deserve it at this point.

    2. Re:Secure BGP by WaffleMonster · · Score: 1

      We really need to figure out a way to secure BGP announcements.

      From whom?

  4. I wonder if I'm to blame for all of that? by v1 · · Score: 5, Funny

    that prince said something bad would happen if I didn't help him cash in that inheritance

    --
    I work for the Department of Redundancy Department.
  5. Nigerian Prince Needs you Help! by Anonymous Coward · · Score: 1, Funny

    "Please dear sir,
    I am writing this to you because I am in need of your help. You see I have a vast fortune that I need expedited to your country. I am in the process of immigrating there but to avoid the taxes from your country I wish to transfer to you my fortune. Well wait! When I am successfully in your country I will of course need to take possession of that money, but of course you will be handsomely rewarded for this small trifle of your time! All I need you to do is to reroute your financial information through our servers here in Nigeria so that I can discreetly deposit the funds into your account. Trust me when I say there will be no interruption in any services you see from your end, and at the end of the day there will be a vast sum of money in your account. We have the most reliable service here in Nigeria so you can trust me when I say that your information is completely secure.
    Please respond as soon as possible as time is of the utmost essence."

    --Sent to a senior google engineer

  6. Time for better BGP security? by jonwil · · Score: 1

    Maybe its time for BGP (the protocol that is used by all these networks to talk to each other) to get some security so that people can't advertise routes for IP blocks they dont actually own.

    1. Re:Time for better BGP security? by WaffleMonster · · Score: 3, Funny

      Maybe its time for BGP (the protocol that is used by all these networks to talk to each other) to get some security so that people can't advertise routes for IP blocks they dont actually own.

      Great idea, you should totally do that.

      Tell all of the tier 1 networks not to advertise routes to your 'blocks' because they don't own them.

  7. One Belt One Road by vix86 · · Score: 1

    Some googling shows a number of articles that China is planning to dump billions of dollars into Nigeria in various areas. I wouldn't be surprised to learn that telecoms in Nigeria are also working closely with China and in exchange for money and favors, they are routing traffic -- ie: acting as an arm of the Chinese Intelligence agency.

    I think the West should keep an eye on all the countries that China gets involved with via the One Belt One Road initiative, because those could be countries that might opt to route traffic to China as well.

    1. Re:One Belt One Road by rtb61 · · Score: 1

      Time for a bit of reality, if your traffic is going anywhere near Nigeria, then it is already questionable. So traffic from US to Europe, would not touch Nigeria, etc. So Africa traffic routed through China, well, who the fuck cares. If secured routes get rerouted, then it is a problem but we all should know by now the US can tap into all the undersea cables done by US companies.

      --
      Chaos - everything, everywhere, everywhen
  8. Re:APK Hosts File Engine for Nigerian Prince... ap by aybiss · · Score: 1

    Does he release that APK files run on Android and not Windows?

    --
    It's OK Bender, there's no such thing as 2.
  9. Re:Nazi incel Cayenne's reputation is pure ignoran by darkain · · Score: 1

    But we cannot Google it, that's the whole point! Nigeria stole Google!

  10. Research paper suggests this was deliberate by Darkling-MHCN · · Score: 1

    This article discusses the following research paper which analyses China's efforts to gain the capabilities that brought google down...

    https://scholarcommons.usf.edu... ....whilst minimising the opportunity of the US and the west to create a similar attack against China.

  11. Unbeliveably logical by CustomSolvers2 · · Score: 1

    My knowledge about networks has always been pretty limited and I haven't known much about ASs, BGR, how internet works, etc. until recently. But even now I wasn't truly aware about what having a system intrinsically defined by autonomous entities really means: lots of power in many hands with very different motivations. And what is even worse: lack of true accountability, of a centralised authority in a position to really make sure that everything will be exactly as expected.

    On the other hand, if I had thought about all this a bit carefully, I would have also come to the conclusion that it is the most logical outcome from a mixture of sovereign countries + international law (-> promises, not-really-enforceable agreements or, in the most extreme cases, concessions of small chunks of sovereignty which countries voluntarily give) + global network. The difficulty associated with enforcing the application of certain rules in a web-based environment (hosted in country X and used in country Y) seems intuitively clear to me, but curiously not the fact that same ideas also apply to the underlying physical structure. I guess that, similarly to what happens to most of people before having a proper understanding about the given situation, I couldn't see problems which appear to me as evident now. Ignorance does certainly provoke blindness, no matter how much knowledge you might have on other issues. Scary! Luckily for me (+ others who might be affected by my actions), I am quite aware about this fact and never make relevant decisions about any issue until after having made completely sure that I have a proper knowledge about it :)

    The expected reliability/accountability of a given system is mostly defined by the authority which rules it; or, in other words and as pointed out in some comments above, it is as strong as its weakest link. An international effort including all the countries will always be conditioned by the intrinsic independence of all of them (e.g., to set up the internal proceedings to assess/monitor the suitability of organisations dealing with the national infrastructures). Theoretically, all the internal regulations are coordinated and there are ways to somehow force disobbeying countries to modify their behaviours. But all these efforts will always happen at a relatively distant, after-problems-arise position. Sovereign countries (and, within them, their companies) will always have the real power and their non-ideal actions might definitively have some temporary negative impact at a global scale.

    The traditional standardisation approach (e.g., here you have the rules which you are expected to apply; you would be the only one losing in case of trying to trick the system via having inferior national products) doesn't seem applicable to the current scenario. It is a tough one. Governments and internal law don't seem to provide a reliable enough solution. Companies and the market might certainly allow to reach a stage of much higher control, but at what expense? Letting private interests have the last word in something as important as this? What would be the difference between that scenario and the current one (ASs being probably private companies but obeying certain national legislation)? And what about a mixed (governments + companies) multi-tier, elitist setup driving to the creation of different internets? It doesn't sound too well (all the elitism-based whatever sounds equally bad to me), but seems the most probable medium-term evolution: multi-country organisations ensuring a higher level of control over the activity of its members and having some real decision/monitoring power (e.g., the UE).

    --
    Custom Solvers 2.0 = Alvaro Carballo Garcia = varocarbas.
    1. Re:Unbeliveably logical by CustomSolvers2 · · Score: 1

      All these autonomous entities may seem scary to you - a single central authority seems much more scary to me. If one entity is wrong, I can take the trouble to deal with another one instead. But if a central authority is inefficient or malignant. . .

      Don't get me wrong. I am all for independence and individualism and do think that this is usually the most efficient approach in most of scenarios. The problem with internet and its difference with respect to your examples is that what happens in one country might affect all the remaining ones. If country X has a bad mailing system, its citizens will get their mail late or never; what is not exactly a problem for countries Y and Z. But has proven by the current article, it might be possible for (the companies of) a country to affect communications happening between individuals in other countries. This is the reason why I assume that there will be some changes. In any case, I am not scared about that situation or ask for those changes (I assumed that internet is unsafe and all my data/privacy is compromised long time ago); I am just sharing what I think that will be the probable evolution, if not in general, at least at some levels like national security or military.

      --
      Custom Solvers 2.0 = Alvaro Carballo Garcia = varocarbas.