Page:2020-06-09 PSI Staff Report - Threats to U.S. Communications Networks.pdf/34


organizations were the target of malware attacks between 2017 and 2018,[1] and these organizations are increasingly subject to hijacking attacks, wherein third parties capture and reroute information.[2]

Hijacking attacks occur when information is routed from one point to another, usually when it is routed through different carriers' networks.[3] In routing, "information is sent across intervening [networks] as small data 'packets' with their destination IP addresses attached. Each router in the transited networks looks at the destination IP address in the packet and forwards it to the next and closest [network]," seeking the shortest and most efficient route from the start point to the end point.[4] The Border Gateway Protocol ("BGP") is the central routing protocol. See, e.g., What is BGP Hijacking, CloudFlare, https://www.cloudflare.com/learning/security/glossary/bgp-hijacking/; Yashin Huang, Internet Outrage Caused by Verizon Shows How Fragile the Internet Routing Is, Medium (July 2, 2019), https://medium.com/hackernoon/internet-outrage-caused-by-verizon-shows-how-fragile-the-internet-routing-is-a367241130e8. Administrators of each network are responsible for announcing the IP addresses associated with their networks on the BGP. See, e.g., What is BGP Hijacking, CloudFlare, https://www.cloudflare.com/learning/security/glossary/bgp-hijacking/. The BGP, however, is notoriously complex, and "errors can occur given the complexity."[5] It is these errors that open up opportunities for malicious actors to hijack traffic.[6]
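The paragraph above says each network's administrators announce their own IP addresses over BGP and that errors in those announcements are what hijackers exploit. As an added illustration (not part of the staff report), the Python example below goes one step beyond the text and shows the defender-side check for such announcements: each observed origin is compared against a table of authorized origins, with the three outcomes used by route origin validation (RFC 6811). The table, the prefixes (documentation ranges) and the AS numbers are constructed for the example.

```python
import ipaddress

# Constructed table of authorized announcements: (prefix, max length, origin AS).
# Prefixes are documentation ranges; AS numbers are from the documentation range.
AUTHORIZED = [
    ("192.0.2.0/24", 24, 64496),
    ("203.0.113.0/24", 25, 64498),
]

# Constructed observations: (announced prefix, AS path as received, origin is last).
OBSERVED = [
    ("192.0.2.0/24", [64500, 64496]),
    ("192.0.2.0/24", [64500, 64511]),
    ("192.0.2.128/25", [64500, 64496]),
    ("203.0.113.0/25", [64498]),
    ("198.51.100.0/24", [64500, 64497]),
]


def validate(prefix, origin_as, table=AUTHORIZED):
    """Return 'valid', 'invalid' or 'not-found' for one announcement."""
    net = ipaddress.ip_network(prefix)
    covered = False
    for auth_prefix, max_len, auth_as in table:
        auth_net = ipaddress.ip_network(auth_prefix)
        if net.version != auth_net.version or not net.subnet_of(auth_net):
            continue
        covered = True  # some authorization covers this address space
        if net.prefixlen <= max_len and origin_as == auth_as:
            return "valid"
    # Covered but no entry matches: wrong origin or too specific a prefix.
    return "invalid" if covered else "not-found"


def review(observed=OBSERVED, table=AUTHORIZED):
    """Return the announcements an operator should reject or investigate."""
    flagged = []
    for prefix, as_path in observed:
        state = validate(prefix, as_path[-1], table)
        if state == "invalid":
            flagged.append((prefix, as_path[-1]))
    return flagged


if __name__ == "__main__":
    for prefix, origin in review():
        print(f"invalid origin: {prefix} announced by AS{origin}")
```

The third observation is flagged even though its origin is the authorized one, because the prefix is more specific than the table allows; address space with no entry at all comes back as "not-found" rather than "invalid".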



    malicious attempts to extract financial gain by criminal enterprises. The growth of malicious activities grew in the wake of the Telecommunications Act of 1996 as perpetrators capitalized on the 'openness' of networks, particularly the public Internet. The end result of these activities though can be catastrophic to the normal operations of communications and control systems and may threaten our national security."); Worldwide Threat Assessment of the U.S. Intelligence Community Statement for the Record to the S. Select Comm. on Intelligence 6 (Feb. 13, 2018) (statement of Daniel R. Coats, Dir. of Nat'l Intelligence) ("Most detected Chinese cyber operations against US private industry are focused on cleared defense contractors or IT and communications firms whose products and services support government and private sector networks worldwide."); DNS Security—The Telecom Sector's Achilles' Heel, EfficientIP (Nov. 27, 2017), https://www.efficientip.com/dns-security-telecom-sector/ (finding that, per a 2017 survey, telecom organizations suffered more attacks than any other industry surveyed).

  1. Mike Robuck, Report: Telecommunications Industry Woefully Unprepared for Cyberattacks, Fierce Telecom (Nov. 21, 2018).
  2. Jim Cowie, The New Threat: Targeted Internet Traffic Misdirection, Dyn (Nov. 19, 2013), https://dyn.com/blog/mitm-internet-hijacking/; Juha Saarinen, Internet Traffic Hijacking on the Rise, ITNews (Nov. 21, 2013), https://www.itnews.com.au/news/internet-traffic-hijacking-on-the-rise-365006. "Hijack attacks expose a network to potentially critical damage because it is not a hack of the end-point but of the critical exchanges carrying information between end points." Yuval Shavitt & Chris C. Demchak, China's Maxim-Leave No Access Point Unexploited: The Hidden Story of China Telecom's BGP Hijacking, 3 Military Cyber Affairs 1, 4 (2018).
  3. See U.S.-China Econ. & Sec. Review Comm'n, the Nat'l Sec. Implications of Invs. & Prods. from the People's Republic of China in the Telecomm. Sector 42-43 (Jan. 2011); Shavitt & Demchak, supra note 109, at 4. Because different networks serve as the start and end points, a mechanism is needed to transport the traffic from one carrier to the other carrier for final delivery to the destination. Shavitt & Demchak, supra note 109, at 4.
  4. Shavitt & Demchak, supra note 109, at 2.
  5. Shavitt & Demchak, supra note 109, at 3.
  6. See Shavitt & Demchak, supra note 109, at 3.
