Report sounds alarm on China's rerouting of U.S. Internet traffic

Substantial portion of traffic was routed through China earlier this year, says U.S.-China commission

By , Computerworld |  Security, network security

A report submitted to Congress on Wednesday by the U.S.-China Economic and Security Review Commission expressed concerns over what the commission claims is China's growing ability to control and manipulate Internet traffic.

The report points to two specific incidents that happened earlier this year where actions taken inside China had a direct impact on Internet traffic in the U.S. and other regions of the world.

In one of the incidents, traffic to and from about 15% of all Internet destinations was routed through servers belonging to China Telecom, a state-owned telecommunications company.

The rerouting happened on April 8 and lasted for about 18 minutes. The traffic hijacking impacted U.S. government and military networks including those belonging to the Army, Navy, Air Force, Marine Corp., the Office of the Secretary of Defense, the Department of Commerce, NASA and the U.S. Senate.

Commercial sites including those belonging to Microsoft, Dell and Yahoo were also impacted.

It's unclear if Chinese telecommunications firms did anything with the hijacked data, the commission said in its report. But the kind of access that Chinese authorities had to the data could enable surveillance of specific users or sites, disrupt transactions, prevent a user from establishing connections to specific sites or divert them to other spoofed sites, the report noted.

"Incidents of this nature could have a number of serious implications," the report said.

The second incident mentioned in the report involved a more widely reported , botched attempt by Chinese authorities to block users inside China from accessing sites such as Twitter , YouTube, and Facebook .

Because of a network error, users in the U.S. and Chile also found themselves being unable to access the sites, and being directed to incorrect servers as they would have if they had been inside China.

Today's report makes it clear that there is little evidence to show that either incident was planned or executed deliberately. Even so, the incidents show that China and other countries have the capability to do so, if they wanted.

"Although China is by no means alone in this regard, persistent reports of that nation's use of malicious computer activities raise questions about whether China might seek intentionally to leverage these abilities to assert some level of control over the Internet, even for a brief period," the report noted.


Originally published on Computerworld |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness