A report submitted to Congress on Wednesday by the U.S.-China Economic and Security Review Commission expressed concerns over what the commission claims is China’s growing ability to control and manipulate Internet traffic. In one of the incidents, traffic to and from about 15% of all* Internet destinations was routed through servers belonging to China Telecom, a state-owned telecommunications company.
The rerouting happened on April 8 and lasted for about 18 minutes. The traffic hijacking affected U.S. government and military networks, including those belonging to the Army, Navy, Air Force and Marine Corps, as well as the Office of the Secretary of Defense, the Department of Commerce, NASA and the U.S. Senate. Commercial sites, including those belonging to Microsoft, Dell and Yahoo, were also affected.
The kind of access that Chinese authorities had to the data could enable surveillance of specific users or sites, disrupt transactions, prevent a user from establishing connections to specific sites or divert them to other spoofed sites, the report noted.
“Incidents of this nature could have a number of serious implications,” the report said. (Yah think???)
“Incidents such as those reported by the commission highlight some of the fundamental vulnerabilities* of the Internet“, said Dmitri Alperovitch, an Internet threat researcher at McAfee.
“The takeaway here is that the foundation on which the Internet is built is insecure*,” Alperovitch said. “It is based on trust. We trust ISPs to tell us which networks they own. There is no validation [of that information].”
These are excerpts from a Computerworld article. Click here to read the whole enchilada.
Also, Dark Reading has a more detailed look, here.
* emphasis mine.
… My guess is they just slurped up all the packets; so they can better map IP’s and fingerprint users and systems. Step 1 in the hacker’s playbook.
(Maybe look at the encryptions used.. and run some through their supercomputer.)
But I’m a cynical, and not terribly well-educated guy. I could be wrong. I hope I am. But it seems pretty clear: a lot of people are playing games on the Internet.. and I’m not talking about WoW.
Today’s free download: IObit Toolbox is free, portable software that system administrators and computer geeks will take along to solve PC problems anytime and anywhere. With more than 20 dedicated tools, IObit Toolbox allows you to display/diagnose PC information, enhance PC security, optimize PC performance and repairing PC problems. In a word, it offers an easy way for PC admin to monitor and manage computers. It can be used for commercial and non-commercial purposes.
Today’s reco’s reading: How to become a certified IT ninja
“When faced with a problem, people tend to collect into three mindsets. The first is not to do anything, lest we make the problem worse…“
Quote of the day: “Advice is what we ask for when we already know the answer but wish we didn’t.“
~ Erica Jong
Note: I posted this article a year ago. This is one of the reasons “the Internet is broken” and we are dang fools for doing any kind of important business on it, or attaching “Industrial control units”, or doing any thing other than exchanging personal emails (not government or military), watching YouTube and Netflix, or looking up the Latin name of the rose on Wikipedia.
But.. the alarm was sounded – a few of the wiser took note – and the issue faded from sight… Conficker proved how vulnerable our machines are..
Shhh! Don’t say that! People might stop using the Internet! What would happen to Amazon?!
Have a great day everybody.
Copyright 2007-2011 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<