top of page
Writer's pictureSysArmy

Allegation of Telco Hijacking and Detouring Internet Traffic - Is it because they are from China?



On Thursday, June 6, 2019 a large chunk of European mobile traffic was re-routed through the infrastructure of China Telecom, China's third-largest telco and internet service provider (ISP). The incident occurred because of a BGP route leak at Swiss data centre co-location company Safe Host, which accidentally leaked over 70,000 routes from its internal routing table to the Chinese ISP.


Apparently, the Border Gateway Protocol (BGP), which is used to reroute traffic at the ISP level, has been known to be problematic to work with, and BGP leaks happen all the time. But if any other ISP would have caused this incident, it would have likely been ignored. Alas, it was China Telecom.


In 2018, China Telecom, one of China's biggest state-owned internet service providers, was specifically accused of hijacking and detouring internet traffic through its normally-closed internet infrastructure in a research paper authored by Chris C. Demchak from U.S. Naval War College and Yuval Shavitt from Tel Aviv University, published in 2018 in this publication Military Cyber Affairs The Journal of the Military Cyber Professionals Association titled China’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’ s BGP Hijacking.


The report argued that the Chinese government was using local ISPs for intelligence gathering by systematically hijacking BGP routes to reroute western traffic through its country, where it can log it for later analysis.  


In a post published on Oracle Dyn blog, it detailed a post by independent security researcher Ronald Guilmette about the suspicious routing activities of a company called Bitcanal, a Portuguese company. Ronald Guilmetter even named Bitcanal a “Hijack Factory” asked why Bitcanal’s transit providers continue to carry its BGP hijacked routes on to the global internet. 


Bitcanal apparently has hijacked with impunity for many years, off the internet and no accusation was leveled against them for leaking data back to the Portuguese government or the government where the operators of Bitcanal originates from.


Comments


bottom of page