Domestic Internet traffic traveling inside the borders of Russia has repeatedly been rerouted outside of the country under an unexplained series of events that degrades performance and could compromise the security of Russian communications.
The finding, reported Thursday in a blog post published by Internet monitoring service Dyn, underscores the fragility of the border gateway protocol (BGP), which forms the underpinning of the Internet's global routing system. In this case, domestic Russian traffic was repeatedly routed to routers operated by China Telecom, a firm with close ties to that county's government. When huge amounts of traffic are diverted to far-away regions before ultimately reaching their final destination, it increases the chances hackers with the ability to monitor the connections have monitored or even altered some of the communications. A similar concern emerged last year, when Dyn found big chunks of traffic belonging to US banks, government agencies, and network service providers had been improperly routed through Belarusian or Icelandic service providers.
The hijacking of Russian traffic is linked to last year's peering agreement between Russian mobile provider Vimpelcom and China Telecom. The pact allowed the firms to save money by having some of their traffic carried over the other's network rather than through a more expensive transit operator. On multiple occasions since then, according to Dyn, communications destined for Russia has followed extremely round-about routes that take the traffic into China before sending it on to its final stop. Doug Madory, director of internet analysis at Dyn, wrote: