I was reading this story earlier today after a colleague shared it. I thought it was very interesting. The research company Renesys has recently disclosed their findings on something as interesting as it is concerning. For a few days, all the traffic coming from a list of some of the major cities in the US and around the world was routed over Belarus and Iceland. Renesys claims this was an attack and that the main goal was to scan, analyze and perhaps even store all the traffic to obtain who knows what.

In the data analysis they performed, they found highly interesting cases, like the one mentioned in the article. An email sent from Guadalajara in Mexico to DC was, at some intermediate step in Virginia, routed to Russia and then, after going through the potentially malicious route in Belarus, was routed back to the US via Frankfurt and New York. It seems that everything originated from an attack on the BGP routing tables (BGP hijacking).

All our communications are encrypted and secured and, unless you work in some top secret organization, there is nothing to worry about. But, still, this is quite worrying. I wonder what the motivation behind this attack was.

The report from Renesys presents more evidence from the subsequent attack that routed traffic over Iceland. This report, which you can find here, also discusses the implications of this attack.

When looking for a good link to refer readers to BGP hijacking information, I found this Defcon talk. Very interesting stuff.
