Thursday, March 28, 2024

Large Amount Of European ISP’s Mobile Traffic Rerouted Through China Telecom

On 6th June, a large amount of European mobile network Traffic rerouted via China Telecom for nearly two hours, which begins at 09:43 UTC 6 June 2019.

The incident occurred due to BGP route leak from a Swiss-based data center colocation company Safe Host (AS21217) and it leads over 70,000 Traffic rerouted to China Telecom (AS4134) which is controlled by Chinese-government.

The routing incidents were noticed only for a few minutes, but many of the leaked routes were circulated more than 2 hours and more-specifics of routed prefixes.

70,000 Internet routes roughly compared with more than 300 million IP’s traffic and some of the most impacted European networks included Swisscom (AS3303) of Switzerland, KPN (AS1130) of Holland, and Bouygues Telecom (AS5410) and Numericable-SFR (AS21502) of France.

“China Telecom then announced these routes on to the global internet redirecting large amounts of internet traffic destined for some of the largest European mobile networks through China Telecom’s network”

There are various ISP prefixes were in this leak including, 1,300 Dutch prefixes, 200 Swiss prefixes, 150 Bouygues Telecom (AS5410) prefixes.

For an example, Based on the Oracle Internet Intelligence measurements, a traceroute in the following image below begins from Google in Ashburn and it destined for Vienna, Austria but it rerouted through China Telecom (hops 5-8).

China Telecom

Another traceroute from an Oracle datacenter is Toronto to Numericable-SFR in France that gets diverted through China Telecom (hops 8-10).

China Telecom

Oracle concludes with the statement says, Today’s incident shows that the internet has not yet eradicated the problem of BGP route leaks.

“It also reveals that China Telecom, a major international carrier, has still implemented neither the basic routing safeguards necessary both to prevent propagation of routing leaks nor the processes and procedures necessary to detect and remediate them in a timely manner when they inevitably occur. “

“Two hours is a long time for a routing leak of this magnitude to stay in circulation, degrading global communications,” said Doug Madory, director of Oracle’s internet analysis division.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

A New Massive DDoS Attack bit-and-Piece Pattern Targeting Internet Service Providers

Hackers Launching DNS Hijacking Attack to Gain Access to Telecommunication & ISP Networks

Website

Latest articles

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles