Page:2020-06-09 PSI Staff Report - Threats to U.S. Communications Networks.pdf/35


In practice, if a malicious actor announces through the BGP that it owns an IP address block that actually is owned by Network 1, traffic destined for Network 1 will be routed to, or through, the malicious actor's network.[1] After receiving and inspecting the misdirected traffic, the malicious actor redirects it to the original destination point, and the traffic is delivered to its intended destination.[2] Because of the hijack, the malicious actor can access an organization's network, steal valuable data, add malicious implants to seemingly normal traffic, or simply modify or corrupt valuable data.[3] If traffic is diverted and copied even for a small amount of time, encryption can be broken.[4] Further, detecting the attack can be extremely difficult.[5] Given that traffic is continuously flowing, it is possible that the end-recipient might not notice any increase in "latency that results from the interception."[6]
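As an added illustration that is not part of the staff report, the following Python code applies route origin validation in the style of RFC 6811 to the scenario above: each observed announcement is checked against a table of authorized prefix and origin pairs, and announcements that claim Network 1's address space from another origin are flagged. The prefixes and AS numbers are constructed from documentation ranges, and the names `AUTHORIZED`, `OBSERVED`, `validate_origin` and `flag_suspect` are hypothetical.

```python
import ipaddress

# Constructed sample data: documentation prefixes (RFC 5737) and
# documentation AS numbers (RFC 5398). "Network 1" is AS64500 here.
# Each entry: (authorized prefix, maximum prefix length, authorized origin AS)
AUTHORIZED = [
    ("192.0.2.0/24", 24, 64500),
    ("198.51.100.0/24", 24, 64500),
]

def validate_origin(prefix, origin_as, authorized=AUTHORIZED):
    """Classify one announcement as 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for auth_prefix, max_len, auth_as in authorized:
        auth_net = ipaddress.ip_network(auth_prefix)
        # Only entries whose prefix contains the announced prefix are relevant.
        if route.version != auth_net.version or not route.subnet_of(auth_net):
            continue
        covered = True
        # Valid only if the origin matches and the route is not more
        # specific than the owner authorized.
        if route.prefixlen <= max_len and origin_as == auth_as:
            return "valid"
    # Covered but never matched: someone is announcing space that the
    # table assigns to a different origin or a shorter prefix length.
    return "invalid" if covered else "not-found"

def flag_suspect(announcements, authorized=AUTHORIZED):
    """Return the (prefix, origin AS) pairs that fail origin validation."""
    return [(p, a) for p, a in announcements
            if validate_origin(p, a, authorized) == "invalid"]

# Constructed announcements, as a route collector might report them.
OBSERVED = [
    ("192.0.2.0/24", 64500),     # Network 1 announcing its own block
    ("192.0.2.0/24", 64511),     # same block, different origin AS
    ("192.0.2.128/25", 64511),   # more-specific slice of Network 1's block
    ("203.0.113.0/24", 64511),   # space the table says nothing about
]

if __name__ == "__main__":
    for prefix, asn in OBSERVED:
        print(prefix, f"AS{asn}", validate_origin(prefix, asn))
```

This check looks only at the origin of an announcement, so a route that keeps the legitimate origin AS at the end of its path while inserting another network in the middle passes it.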

Researchers allege that the Chinese government is increasingly using its state-owned telecommunications carriers to carry out hijacking attacks.[7] Chinese carriers have not established independent transmission facilities and networks outside of China.[8] Rather, as China Mobile stated in a recent SEC filing, the carriers are dependent on "interconnection arrangements and access to other networks."[9] Through these interconnection arrangements, the Chinese carriers can promote, and allegedly have promoted, false routes on the BGP.[10] Particular allegations of hijacking by Chinese state-owned carriers are discussed more below.


  1. See What is BGP Hijacking, Cloudflare, https://www.cloudflare.com/learning/security/glossary/bgp-hijacking/.
  2. See Cowie, supra note 109.
  3. Shavitt & Demchak, supra note 109, at 4.
  4. Shavitt & Demchak, supra note 109, at 4.
  5. See Cowie, supra note 109; BGP Hijacking Overview: Routing Incidents Prevention and Defense Mechanisms, Noction (Apr. 24, 2018), https://www.noction.com/blog/bgp-hijacking.
  6. Cowie, supra note 109.
  7. See, e.g., Doug Madory, China Telecom's Internet Traffic Misdirection, Oracle: Internet Intelligence (Nov. 5, 2018), https://internetintel.oracle.com/blog-single.html?id=China+Telecom%27s+Internet+Traffic+Misdirection; Shavitt & Demchak, supra note 109, at 3; Jesus Diaz, China's Internet Hijacking Uncovered, Gizmodo (Nov. 17, 2010), https://gizmodo.com/chinas-internet-hijacking-uncovered-5692217; Andree Toonk, Chinese ISP Hijacks the Internet, BGPMon (Apr. 8, 2010), https://web.archive.org/web/20190415002259/https://bgpmon.net/chinese-isp-hijacked-10-of-the-internet/.
  8. See, e.g., TT-DOJ-045-60; TT-DOJ-001-15.
  9. China Mobile Ltd. Annual Report Pursuant to Section 13 or 15(d) of the Sec. Exch. Act of 1934 for the Fiscal Year Ended December 31, 2019 (Form 20-F), Comm. File No. 1-14696, at 16 (filed Apr. 28, 2020), https://www.sec.gov/Archives/edgar/data/1117795/000119312520122124/d825927d20f.htm#toc825927_5 [hereinafter China Mobile FY2019 Form 20-F].
  10. See, e.g., Shavitt & Demchak, supra note 109.
