Large Amount Of European ISP's Traffic Rerouted Through China Telecom

On 6th June, a large amount of European mobile network Traffic rerouted via China Telecom for nearly two hours, which begins at 09:43 UTC 6 June 2019.

The incident occurred due to BGP route leak from a Swiss-based data center colocation company Safe Host (AS21217) and it leads over 70,000 Traffic rerouted to China Telecom (AS4134) which is controlled by Chinese-government.

The routing incidents were noticed only for a few minutes, but many of the leaked routes were circulated more than 2 hours and more-specifics of routed prefixes.

- Advertisement -

70,000 Internet routes roughly compared with more than 300 million IP’s traffic and some of the most impacted European networks included Swisscom (AS3303) of Switzerland, KPN (AS1130) of Holland, and Bouygues Telecom (AS5410) and Numericable-SFR (AS21502) of France.

“China Telecom then announced these routes on to the global internet redirecting large amounts of internet traffic destined for some of the largest European mobile networks through China Telecom’s network”

There are various ISP prefixes were in this leak including, 1,300 Dutch prefixes, 200 Swiss prefixes, 150 Bouygues Telecom (AS5410) prefixes.

For an example, Based on the Oracle Internet Intelligence measurements, a traceroute in the following image below begins from Google in Ashburn and it destined for Vienna, Austria but it rerouted through China Telecom (hops 5-8).

Another traceroute from an Oracle datacenter is Toronto to Numericable-SFR in France that gets diverted through China Telecom (hops 8-10).

Oracle concludes with the statement says, Today’s incident shows that the internet has not yet eradicated the problem of BGP route leaks.

“It also reveals that China Telecom, a major international carrier, has still implemented neither the basic routing safeguards necessary both to prevent propagation of routing leaks nor the processes and procedures necessary to detect and remediate them in a timely manner when they inevitably occur. “

“Two hours is a long time for a routing leak of this magnitude to stay in circulation, degrading global communications,” said Doug Madory, director of Oracle’s internet analysis division.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

A New Massive DDoS Attack bit-and-Piece Pattern Targeting Internet Service Providers

Hackers Launching DNS Hijacking Attack to Gain Access to Telecommunication & ISP Networks

Large Amount Of European ISP’s Mobile Traffic Rerouted Through China Telecom

Supply Chain Attack Prevention

Follow Us on Google News

Latest articles

Threat Actors Manipulate Search Results to Lure Users to Malicious Websites

Hackers Imitate Google Chrome Install Page on Google Play to Distribute Android Malware

Dangling DNS Attack Allows Hackers to Take Over Organization’s Subdomain

HelloKitty Ransomware Returns, Launching Attacks on Windows, Linux, and ESXi Environments

Resilience at Scale

Why Application Security is Non-Negotiable

Discussion points

More like this

Ivanti Released Security Update With The Fixes for Critical Endpoint Manager RCE Vulnerabilities

Windows File Explorer Vulnerability Enables Network Spoofing Attacks: PoC Released

Chinese Hacked Exploit Juniper Networks Routers to Implant Backdoor

How To Access Dark Web Anonymously and know its Secretive and Mysterious Activities

How to Build and Run a Security Operations Center (SOC Guide) – 2023

Network Penetration Testing Checklist – 2025