For two hours last week, a BGP route leak resulted in large portions of European Internet traffic being routed through China Telecom’s network.
According to a report from Oracle, the incident started at 09:43, on June 6, 2019, and consisted of Swiss data center colocation company Safe Host leaking over 70,000 routes to China Telecom in Frankfurt, Germany.
The Chinese telecommunication company then announced these routes on to the global Internet, which resulted in large amounts of web traffic destined for some of the largest European mobile networks to be redirected through China Telecom’s network.
European networks that were most impacted by the route leak included Swisscom of Switzerland, KPN of Holland, and Bouygues Telecom and Numericable-SFR of France.
“Often routing incidents like this only last for a few minutes, but in this case many of the leaked routes in this incident were in circulation for over two hours. In addition, numerous leaked routes were more-specifics of routed prefixes, suggesting the use of route optimizers or similar technology,” Oracle’s Doug Madory explains.
Over 1,300 Dutch prefixes were announced in this leak, and 470 routes of KPN went through China Telecom’s network. The same happened for 64 routes of Swisscom, out of 200 Swiss prefixes announced by the leak.
Oracle observed 150 Bouygues Telecom prefixes in the leak, including 127 more-specifics of existing routes and also noticed that even some of its own traceroute measurements were sucked into this routing leak. One that begins in Google in Ashburn, Virginia was detoured through China Telecom en-route to its destination in Vienna, Austria.
This is not the first route leak incident involving China Telecom and is likely not the last. A report published in December last year revealed that the carrier has been constantly misdirecting Internet traffic through its network in China for several years.
The new incident shows that the Chinese carrier has yet to take the necessary precautions to avoid similar re-routes from happening, and also proves that the problem of BGP route leaks continues to persist.
“China Telecom, a major international carrier, has still implemented neither the basic routing safeguards necessary both to prevent propagation of routing leaks nor the processes and procedures necessary to detect and remediate them in a timely manner when they inevitably occur. Two hours is a long time for a routing leak of this magnitude to stay in circulation, degrading global communications,” Oracle notes.
Related: China Telecom Constantly Misdirects Internet Traffic
More from Ionut Arghire
- Millions Stolen in Hack at Cryptocurrency ATM Manufacturer General Bytes
- NBA Notifying Individuals of Data Breach at Mailing Services Provider
- Adobe Acrobat Sign Abused to Distribute Malware
- Latitude Financial Services Data Breach Impacts 300,000 Customers
- US Government Warns Organizations of LockBit 3.0 Ransomware Attacks
- New ‘Trigona’ Ransomware Targets US, Europe, Australia
- New Espionage Group ‘YoroTrooper’ Targeting Entities in European, CIS Countries
- CISA Seeks Public Opinion on Cloud Application Security Guidance
Latest News
- Millions Stolen in Hack at Cryptocurrency ATM Manufacturer General Bytes
- Waterfall Security, TXOne Networks Launch New OT Security Appliances
- Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm
- NBA Notifying Individuals of Data Breach at Mailing Services Provider
- Adobe Acrobat Sign Abused to Distribute Malware
- New York Man Arrested for Running BreachForums Cybercrime Website
- Huawei Has Replaced Thousands of US-Banned Parts With Chinese Versions: Founder
- Latitude Financial Services Data Breach Impacts 300,000 Customers
