Large Amount Of European ISP's Traffic Rerouted Through China Telecom

On 6th June, a large amount of European mobile network Traffic rerouted via China Telecom for nearly two hours, which begins at 09:43 UTC 6 June 2019.

The incident occurred due to BGP route leak from a Swiss-based data center colocation company Safe Host (AS21217) and it leads over 70,000 Traffic rerouted to China Telecom (AS4134) which is controlled by Chinese-government.

The routing incidents were noticed only for a few minutes, but many of the leaked routes were circulated more than 2 hours and more-specifics of routed prefixes.

- Advertisement -

70,000 Internet routes roughly compared with more than 300 million IP’s traffic and some of the most impacted European networks included Swisscom (AS3303) of Switzerland, KPN (AS1130) of Holland, and Bouygues Telecom (AS5410) and Numericable-SFR (AS21502) of France.

“China Telecom then announced these routes on to the global internet redirecting large amounts of internet traffic destined for some of the largest European mobile networks through China Telecom’s network”

There are various ISP prefixes were in this leak including, 1,300 Dutch prefixes, 200 Swiss prefixes, 150 Bouygues Telecom (AS5410) prefixes.

For an example, Based on the Oracle Internet Intelligence measurements, a traceroute in the following image below begins from Google in Ashburn and it destined for Vienna, Austria but it rerouted through China Telecom (hops 5-8).

Another traceroute from an Oracle datacenter is Toronto to Numericable-SFR in France that gets diverted through China Telecom (hops 8-10).

Oracle concludes with the statement says, Today’s incident shows that the internet has not yet eradicated the problem of BGP route leaks.

“It also reveals that China Telecom, a major international carrier, has still implemented neither the basic routing safeguards necessary both to prevent propagation of routing leaks nor the processes and procedures necessary to detect and remediate them in a timely manner when they inevitably occur. “

“Two hours is a long time for a routing leak of this magnitude to stay in circulation, degrading global communications,” said Doug Madory, director of Oracle’s internet analysis division.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

A New Massive DDoS Attack bit-and-Piece Pattern Targeting Internet Service Providers

Hackers Launching DNS Hijacking Attack to Gain Access to Telecommunication & ISP Networks

Large Amount Of European ISP’s Mobile Traffic Rerouted Through China Telecom

API Security Audit

Latest articles

Lumma Stealer Attacking Users To Steal Login Credentials From Browsers

New ‘OtterCookie’ Malware Attacking Software Developers Via Fake Job Offers

NjRat 2.3D Pro Edition Shared on GitHub: A Growing Cybersecurity Concern

Palo Alto Networks Vulnerability Puts Firewalls at Risk of DoS Attacks

API Security Webinar

72 Hours to Audit-Ready API Security

Discussion points

More like this

Hackers Exploiting PLC Controllers In US Water Management System To Gain Remote Access

Hackers Hijacked Misconfigured Servers For Live Streaming Sports

Crypto Network Security: Essential Tips To Protect Your Digital Assets In 2023

How To Access Dark Web Anonymously and know its Secretive and Mysterious Activities

How to Build and Run a Security Operations Center (SOC Guide) – 2023

Network Penetration Testing Checklist – 2024