A+ A A-

Internet’s new biggest threat? How web traffic can be secretly redirected

intenetworking-cabling

Internet experts say huge chunks of sensitive web traffic have been routinely hijacked by hackers and diverted to foreign computers, compromising the data of victims in at least 150 cities worldwide.

Researchers at New Hampshire-based global internet intelligence company Renesys say that they’ve witnessed a complex type of Man-in-the-Middle attack occur on computer networks no fewer than 60 days this year already, the likes of which they say should never have happened.

In incidents described in a report released by Renesys last month, the firm claims that web data from major financial institutions, government agencies and Internet Service Providers (ISPs) alike were all compromised when unidentified hackers exposed a rarely-discussed vulnerability in order to almost silently divert that information away from its intended destinations, and instead route it abroad to be collected, read and then re-sent to the rightful recipient.

The method of attack exploits a vulnerability in the Border Gateway Protocol, or BGP, and takes advantage of the fact that much of the information routed through the global system of networks considered to be the backbone of the internet is exchanged based off of little more than trust among administrators.

BGP is "essentially the glue that holds the disparate parts of the Internet together," Jennifer Rexford, a computer science professor at Princeton University, told the Washington Post’s Andrea Peterson last month.

"Each domain (AT&T, Princeton and so on) will tell its neighbors it connects to directly which destinations it can reach and over what paths," Rexford said of BGP. "Those neighbors will then choose amongst those set of paths that are offered by their respective neighbors, add themselves to the front of the path and tell their neighbors."

"By default your neighbor just believes you, and doesn't have a really reliable way to tell if you are actually telling the truth," Rexford added. Unfortunately for many, though, hackers are alleged to have taken advantage of this vulnerability and in turn exploited the trusting relationship between neighboring domains.

"Like a lot of the technologies underlying the Internet, it was designed without security in mind under this sort of implicit assumption that all the guys on the network are good guys, and all the bad guys -- if they exist at all -- are outside the network," Rexford added. "People worried about the network being vulnerable to physical attacks, but the idea of cyberattacks wasn't really in people's thinking at the time."

Decades later, the internet has emerged to become a beast that even the developers of the protocols it relies on wouldn’t have expected. Renesys says hackers took advantage of this, and were able to therefore hijack web data without relying on the sophisticated means conjured up by officials at, say, the National Security Agency.

While classified documents released this year suggest that the NSA has physically tapped into fiber optic cables carrying internet data and even developed methods of attack to compromise the most complex of encryption algorithms, the method identified by Renesys is a whole different sort of sneaky. What these hackers have been doing, the company claims, involves hijacking the route web traffic is intended to travel and diverting it elsewhere for analysis before sending it back on its right path.

Why settle for simple denial of service, when you can instead steal a victim’s traffic, take a few milliseconds to inspect or modify it and then pass it along to the intended recipient?” Renesys co-founder Jim Cowie wrote last month. “This year, that potential has become reality.”

renesys-trace-route

According to Cowie and company, hackers have been using their skills to take web data meant for certain servers and send it all the way to Belarus in one example, and Ireland in another. The victims, the company claims, were computer users in the United States, South Korea, Germany, the Czech Republic, Lithuania, Libya and Iran, who likely never knew that their internet transmissions were secretly diverted to unintended recipients during the normal transfer of bits and bytes.

In one example cited by Cowie, a computer that connects to the internet in Mexico willingly transmits data to Washington, DC that is carried over BPG by the networking firm PCCW.

Mexican provider Alestra hands it to PCCW for transit in Laredo, Texas,” Cowie wrote, and then “PCCW takes it to the Washington, DC metro area, where they would normally hand it to Qwest/Centurylink for delivery.”

Instead, he continued, PCCW gives that data to another fiber cable owner, Level3, and that’s when hackers have their way with the information.

Level3 . . . is advertising a false Belarus route, having heard it from Russia’s TransTelecom, who heard it from their customer, Belarus Telecom,” he says. “Level3 carries the traffic to London, where it delivers it to Transtelecom, who takes it to Moscow and on to Belarus. Beltelecom has a chance to examine the traffic, and then sends it back out on the ‘clean path’ through Russian provider ReTN. ReTN delivers it to Frankfurt and hands it to NTT, who takes it to New York. Finally, NTT hands it off to Qwest/Centurylink in Washington DC, and the traffic is delivered.”

The recipient, perhaps sitting at home in a pleasant Virginia suburb drinking his morning coffee, has no idea that someone in Minsk has the ability to watch him surf the web,” Cowie said.

Renesys believes around 1,500 individual IP blocks from 150 cities around the world — including Chicago, Denver, Montreal and New York — were compromised in what the firm claims was not an accident, but indeed an attack.

In practical terms, this means that Man-In-the-Middle BGP route hijacking has now moved from a theoretical concern to something that happens fairly regularly, and the potential for traffic interception is very real,” Cowie wrote. “Everyone on the internet — certainly the largest global carriers, certainly any bank or credit card processing company or government agency — should now be monitoring the global routing of their advertised IP prefixes.”

“This kind of attack should not happen,” he added. “You cannot carry out this kind of hijacking without leaving permanent, visible footprints in global routing that point right back to the point of interception. We believe that people are still attempting this because they believe (correctly, in most cases) that nobody is looking.”


rt-logo

Source Here

Crystal Wind™Crystal WindSee us onCrystal Wind Facebook Fan Pageand Crystal Wind Pinterest HomeFollow us onCrystal Wind Twitter Home

 

CrystalWind.ca is free to access and use.
"Please consider a small gift of $11.11 or $22.22 or $33.33
$44.44 or $55.55 or $77.77 or $88.88 or $111.11." 
ॐ Namasté - Blessings!
"Life is an echo, what you send out comes back."

© 2008-2020 crystalwind.ca. All rights reserved.

  Please buy us a coffee!
Pin It

Free Reading Here!!

crystal-wind-oracle-mobile-app
 
Cut Through The Illusions!
Available On The
Apple  / Android / Amazon
NEW Expanded Version - 53 cards!

Who's Online

We have 1444 guests and no members online

Articles: AndEl: Technology

We have 1466 guests and no members online

Featured This Month

Page:

Bright Beltane Blessings!

Bright Beltane Blessings!

The wheel turns to Beltane, also known as Mayday, marking the beginning of S... Read more

Wolf Medicine

Wolf Medicine

Wolf is the pathfinder, the forerunner of new ideas who returns to the clan ... Read more

Do you see 11:11?

Do you see 11:11?

11:11 Do you see it? For many years the numbers 11:11 have been mysteriousl... Read more

4 Lucky Stones For St. Patrick’s Day

4 Lucky Stones For St. Patrick’s Day

I always wake up on St. Patrick’s Day with a big, mischievous smile on my fa... Read more

Spirit of Cougar

Spirit of Cougar

Spirit of Cougar Role: Leader Lesson: Proper Use of Power Element: Earth ... Read more

Fluorite

Fluorite

The Focus And Study Stone Fluorite helps to assimilate ideas and informatio... Read more

Sun in Pisces

Sun in Pisces

Sun in Pisces February 22 through March 20 An Overview of Sun Sign Characte... Read more

Big Winds Moon

Big Winds Moon

Cougar -  Turquoise -  Plantain -  Blue and Green February ... Read more

History of St. Patrick

History of St. Patrick

Saint Patrick, The Apostle of Ireland, was born at what is now Kilpatrick, n... Read more

Beltane

Beltane

Beltane Ritual Celebrated May 1st Beltane is also known as May Day, Walpurg... Read more

Aquamarine

Aquamarine

The Stone of Truth Aquamarine can provide a significant boost to the immune... Read more

Beltane Celtic Style

Beltane Celtic Style

Simple ways to celebrate the feast-days of the Celtic Year. The Return of... Read more

Pisces Mythology

Pisces Mythology

The Mythology of Pisces By most accounts, the mythology of P... Read more

Birth Totem - Wolf

Birth Totem - Wolf

Birth Totem Wolf Birth dates: February 19 - March 20 Birth Totem: Wolf Cl... Read more

The Ash Tree - February 18 - March 17

The Ash Tree - February 18 - March 17

Celtic Symbol : The Trident Or Sea - Horse Zodiac Degrees : 28º00` Aquarius... Read more

Pisces

Pisces

PISCES Feb 20 - Mar 20 Spirit: Search for security Ego: Unrealistic, com... Read more

St Patrick - Ireland's Patron Saint

St Patrick - Ireland's Patron Saint

St. Patrick, the patron saint of Ireland, is one of Christianity's most wide... Read more

Plantain

Plantain

Plantain Helps you feel grounded Gender: Feminine Planet: Venus Element: Ea... Read more

March 15 - The Ides of March - Should You Be…

March 15 - The Ides of March - Should You Beware?

Had it not been for events in ancient Rome, March 15th would be just another... Read more

St. Patrick

St. Patrick

True history and legend are intertwined when it comes to St. Patrick. It is ... Read more

© 2008-2020 CrystalWind.ca. Site Creation by CreativeInceptions.com.
X

Right Click

No right click