Google services disrupted after internet traffic hijack

Donna Miller
November 13, 2018

A tiny Nigerian ISP has hijacked internet traffic meant for Google's data centers.

Network-monitoring companies say service interruptions lasted for almost two hours and ended about 5.30pm EST (12.30 AEDT).

Incorrect routing instructions sent some of the search giant's traffic to Russian network operator TransTelekom, China Telecom and Nigerian provider MainOne between 1:00 p.m. and 2:23 p.m. PT, according to internet research group ThousandEyes.

Google confirms Monday's disruption and says it believes the cause was external. Henthorn-Iwane says this case may have been a war-game test of hijacking capabilities by a nation-state. It turns out internet traffic was being diverted and ended up in China.


Google said the problem has now been sorted out, and that it is looking into measures to prevent it from happening again.

BGPmon, whose services focus on network monitoring and routing events, said on Twitter that the trouble started when Nigerian ISP MainOne leaked 212 IP prefixes to China Telecom; this led to redirecting the traffic and dropping it.

Why is this worrying? "However, this also put valuable Google traffic in the hands of ISPs in countries with a long history of Internet surveillance". As most Google traffic is encrypted, the risk is mitigated somewhat, but the fact the diversion happened at all is of greatest concern.

"The issue with Google Cloud IP addresses being erroneously advertised by internet service providers other than Google has been resolved for all affected users as of 14:35 US/Pacific". At the heart of the issue was Nigerian ISP MainOne Cable Company (AS37282), which leaked the prefixes to China Telecom, a government-owned provider. The Border Gateway Protocol (BGP) is used to exchange routing information, based mostly on network policies and rules configured by a network administrator. The problem is, as ThousandEyes explains, "BGP was created to be a chain of trust between well-meaning ISPs and universities that blindly believe the information they receive".
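The alternative to blindly believing an announcement is to check its origin AS against a table of who is authorized to advertise each prefix, the prefix origin validation logic of RFC 6811. The sketch below is an added example, not code from the article or from any party named in it; the authorization table, the documentation-range prefixes and AS numbers, and the function names are all constructed for illustration.

```python
import ipaddress

# Constructed authorization table: (prefix, max prefix length, authorized origin AS).
# Prefixes are documentation ranges and AS numbers come from the documentation
# range 64496-64511; none of them are real operator values.
AUTHORIZED = [
    (ipaddress.ip_network("203.0.113.0/24"), 24, 64496),
    (ipaddress.ip_network("2001:db8::/32"), 48, 64496),
]

def validate(prefix, as_path):
    """Classify one announcement as 'valid', 'invalid' or 'not-found'."""
    net = ipaddress.ip_network(prefix)
    origin = as_path[-1]  # the rightmost AS in the path originated the route
    covered = False
    for auth_net, max_len, auth_as in AUTHORIZED:
        # Skip entries of the other address family or that do not cover the prefix.
        if net.version != auth_net.version or not net.subnet_of(auth_net):
            continue
        covered = True
        # Valid only if the origin matches and the prefix is not too specific.
        if origin == auth_as and net.prefixlen <= max_len:
            return "valid"
    # Covered by an entry but matching none: wrong origin or over-specific prefix.
    return "invalid" if covered else "not-found"

# Constructed announcements as (prefix, AS path) pairs.
UPDATES = [
    ("203.0.113.0/24", [64500, 64496]),   # authorized origin
    ("203.0.113.0/24", [64500, 64511]),   # same prefix, unauthorized origin
    ("203.0.113.0/25", [64500, 64496]),   # right origin, more specific than allowed
    ("2001:db8:1::/48", [64501, 64496]),  # authorized IPv6 more-specific
    ("192.0.2.0/24", [64502]),            # no entry covers this prefix
]

def flag_invalid(updates):
    """Return the announcements a validating router would reject or alert on."""
    return [(p, path) for p, path in updates if validate(p, path) == "invalid"]

if __name__ == "__main__":
    for prefix, path in UPDATES:
        print(f"{prefix:<18} path={path} -> {validate(prefix, path)}")
```

Origin validation only examines the last AS in the path, so an announcement that keeps the legitimate origin but travels through an unintended intermediary still classifies as valid.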
