SoylentNews is people

posted by mrpg on Wednesday November 21 2018, @03:00AM   Printer-friendly
from the Take-the-second-exit-and-head-directly-west-over-the-ocean dept.

The Sydney Morning Herald has a front-page story detailing apparent Chinese redirection and interception of Australian internet traffic.

Internet traffic heading to Australia was diverted via mainland China over a six-day period last year. The diverted traffic from Europe and North America was logged as a routing error by the state-owned China Telecom, according to data released for the first time by researchers at Tel Aviv University and the Naval War College in the US.

The targeting of data bound for Australia comes amid revelations China's peak security agency has overseen a surge in cyber attacks on Australian companies over the past year, breaching a bilateral agreement to not steal each other's commercial secrets.

The re-directions happened between the 7th and 13th of June last year and resulted in a small portion of the total internet traffic coming into Australia taking up to six times longer to arrive as it went via China. One of the researchers says he believes the target of the attack was a UK cyber-security company with offices in Australia.

The data diversions were possible as China Telecom has 10 Points of Presence (PoPs) in North America. Foreign carriers have no comparable infrastructure across mainland China.

China Telecom has long been regarded as a passive service provider, despite being state-owned, and therefore has attracted none of the suspicion of Chinese telecommunications providers like Huawei or ZTE.

In the research paper quoted in the article, three other examples of such diversions over the past two years are highlighted, including traffic from Scandinavia to the Japanese office of a major US media outlet being diverted via China.



  • (Score: 1, Insightful) by Anonymous Coward on Wednesday November 21 2018, @03:59AM (7 children)

    by Anonymous Coward on Wednesday November 21 2018, @03:59AM (#764571)

    I really don't get why this is supposed to seem threatening when the amount of (supposedly) legal spying and data harvesting of all governments is at ridiculous, bubble-like, levels.

    • (Score: 0) by Anonymous Coward on Wednesday November 21 2018, @04:12AM (1 child)

      by Anonymous Coward on Wednesday November 21 2018, @04:12AM (#764573)

      How do you know that? Depending on your answer, I may have to kill you electronically.

      • (Score: 0) by Anonymous Coward on Wednesday November 21 2018, @04:57AM

        by Anonymous Coward on Wednesday November 21 2018, @04:57AM (#764592)

        Electronic froth

    • (Score: 3, Disagree) by driverless on Wednesday November 21 2018, @05:10AM (3 children)

      by driverless (4770) on Wednesday November 21 2018, @05:10AM (#764595)

      You also need to look into the context. BGP fuckups that cause this type of thing happen constantly, the only reason this one got noticed is because the evil Chinese were involved. If it'd been an ISP in France, no-one would have batted an eyelid. And look at the level of the "attack": easily traceable and visible so not exactly a secret, affected a small fraction of Australia's traffic, and all that to do what, intercept Norm Gunston videos? It was a router config fuckup, like a million other router config fuckups, the only problem was that the Chinese did it this time and they're everyone's favourite bogeyman.

      • (Score: 3, Informative) by MostCynical on Wednesday November 21 2018, @05:49AM (2 children)

        by MostCynical (2589) on Wednesday November 21 2018, @05:49AM (#764602) Journal

        From TFA:

        Professor Shavitt believes the target of the attack was a UK cyber-security company with offices in Australia. He suggested the suspected hacking operation was aimed at accessing sensitive data held by the firm.

        He said the timing of the diversion was unlikely to have been coincidental and may have coincided with a major project the firm was undertaking for a client in Australia.

        --
        "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
        • (Score: 3, Insightful) by driverless on Wednesday November 21 2018, @05:51AM (1 child)

          by driverless (4770) on Wednesday November 21 2018, @05:51AM (#764603)

          Professor Shavitt believes ...

          Anyone can believe anything they want. Pick a conspiracy theory and go with it.

          • (Score: 0) by Anonymous Coward on Wednesday November 21 2018, @08:03PM

            by Anonymous Coward on Wednesday November 21 2018, @08:03PM (#764922)

            This time? Maybe or maybe not; but if a country's strategic intent is to crush you, see you driven before them, and hear the lamentations of your women, maybe it's OK to be a little extra skeptical about their 'mistakes'

    • (Score: 2) by Runaway1956 on Wednesday November 21 2018, @01:56PM

      by Runaway1956 (2926) Subscriber Badge on Wednesday November 21 2018, @01:56PM (#764704) Journal

      Ozzie government feels the need to surveil its subjects. China was probably just being helpful, and helping Oz to fine tune their instrumentation. "Aye, Mates, you're off to a good start, but you'll need to fill in these holes we've identified. You can't keep watch over the citizenry with so few cameras and microphones. We can help, of course - we have three factories running below production levels right now!"

  • (Score: 4, Insightful) by pipedwho on Wednesday November 21 2018, @05:19AM (4 children)

    by pipedwho (2032) on Wednesday November 21 2018, @05:19AM (#764596)

    How is this a problem for companies that should have decent security policies in place? I don't connect to my company through anything except the VPN which needs manually installed certificates to work.

    I'm guessing Email. Because it's the elephant in the room when it comes to exposing data externally through multiple non-controlled and insecure systems. Send something to someone via email and you're sending it in the clear. Companies could use PGP/GPG but that's all too hard, or at least secure DNS for known company servers but that's too hard too. So out in the clear it goes.

    Then big scary chinamen come along and intercept all the traffic. Let's ignore that half a dozen other TLAs and 4LAs have been doing this for years. Big bad guy finds a giant .zip of company's codebase in an Email attachment sent from one engineer to another. Or the password recovery emails. Possibly intercepting and faking them. Because, externally transmitted password recovery emails are the correct way to secure password resets for corporate systems?

    Email has been a security fail 101 for at least a decade now.

    • (Score: 2) by pipedwho on Wednesday November 21 2018, @05:22AM

      by pipedwho (2032) on Wednesday November 21 2018, @05:22AM (#764597)

      Oh yeah, and don't get me started on the current state of PKI and easily obtainable certificates. Then corporates assume their HTTPS gateway is good to go with basic password security.

    • (Score: 0) by Anonymous Coward on Wednesday November 21 2018, @06:12AM (2 children)

      by Anonymous Coward on Wednesday November 21 2018, @06:12AM (#764609)

      > Big bad guy finds a giant .zip of company's codebase in an Email attachment sent from one engineer to another.

      That's on Microsoft. They killed file sharing and now people use e-mail as a problem-filled work-around to replace what Microsoft took away. Some newer people have never seen or heard of file sharing but still know they want to get files from one person to another and since there is no other option, e-mail it is. The safety is even worse when companies outsource their e-mail to third-parties.

      • (Score: 0) by Anonymous Coward on Wednesday November 21 2018, @09:59AM

        by Anonymous Coward on Wednesday November 21 2018, @09:59AM (#764643)

        ..Some newer people have never seen or heard of file sharing but still know they want to get files from one person to another and since there is no other option, e-mail it is.

        No other option? Oh, come on! Even the technochallenged muppets at my last place of employ had gotten round to using Dropbox to share files without any prompting (admittedly, once this was discovered, it was then a complete waste of time getting them to grok the further ideas of encrypting/password protecting these files and deleting them after a couple of days/weeks/when finished with; I bet there's still stuff being shared there from a couple of years ago).

        Mind you, it's a game you can't win. In a past existence, as a postmaster@some.site, I had to deal with a certain class of idiot who thought it a good idea to send large amounts of 'sensitive' data relating to the testing of unclear(sic) warheads via unencrypted email despite a whole secure filesharing infrastructure having been put in place to avoid this sort of thing in the first place (a mix of temporary guest and fixed 'Project' accounts on a single exposed machine with external scp/sftp access).

      • (Score: 2) by Runaway1956 on Wednesday November 21 2018, @02:00PM

        by Runaway1956 (2926) Subscriber Badge on Wednesday November 21 2018, @02:00PM (#764707) Journal

        Has FTP died? And, shared drives? Direct links?

        Wait, I'm sorry. You're probably talking about John Q. Office Drone. (I always hated pretentious pricks with four names.) He doesn't know how any of that stuff works, and that's why the IT department won't grant him the rights necessary to do any of it.

  • (Score: 0) by Anonymous Coward on Wednesday November 21 2018, @03:55PM (1 child)

    by Anonymous Coward on Wednesday November 21 2018, @03:55PM (#764773)

    If you happen to live there.
