Cyber spying? Oracle confirms China Telecom manipulation of internet data
The world’s No. 3 software maker Oracle has backed a research paper which accused China Telecom of hijacking huge amounts of internet traffic meant for Western countries and diverting it to China.
China Telecom is the foreign partner of Duterte crony Dennis Uy who won the November 7 bidding for the third telco slot under a cloud of controversy. Senator Grace Poe has urged both the Department of Information and Communication Technology and the National Telecommunications Commission not to “sidestep” these security issues hounding China Telecom.
Doug Madory, Director of Oracle’s Internet Analysis division, confirmed findings made by researchers from the US Naval War College and Tel Aviv University about China Telecom’s manipulation of web data on four routes – Canada to South Korea, US to Italy, Scandinavia to Japan, and Italy to Thailand.
Madory called it “hijacking the vital internet backbone of western countries.”
“In recent weeks, the Naval War College published a paper that contained a number of claims about purported efforts by the Chinese government to manipulate BGP routing in order to intercept internet traffic. I don’t intend to address the paper’s claims around the motivations of these actions. However, there is truth to the assertion that China Telecom (whether intentionally or not) has misdirected internet traffic (including out of the United States) in recent years. I know because I expended a great deal of effort to stop it in 2017,” Madory said in a blog post.
The research, conducted jointly by scholars from the US Naval War College and Tel Aviv University, discovered that China, through China Telecom, has been engaged in data hacking even though it had entered into a pact with the US in 2015 to stop cyber operations aimed at intellectual property theft.
Researchers found that China Telecom uses the Border Gateway Protocol (BGP) to carry out its data intrusions.
Created in the early 1980s, BGP does not feature any security controls, which often results in traffic being misdirected through “bad BGPs”. The majority of these cases are attributed to configuration mistakes.
However, researchers found that China Telecom has been deliberately hijacking BGP routes to send legitimate traffic through malicious
They described the state-owned telco as “one of the most determined BGP hijackers in the international community.”
In order to validate their findings, the researchers built a route tracing system to monitor BGP announcements, allowing them to distinguish between normal, accidental patterns and deliberate ones.
They concluded that China Telecom was responsible for patterns of BGP behavior that “suggest malicious intent, precisely because of their unusual transit characteristics - namely the lengthened routes and the abnormal durations.”
“While one may argue such attacks can always be explained by ‘normal’ BGP behavior, these, in particular, suggest malicious intent, precisely because of their unusual transit characteristics—namely the lengthened routes and the abnormal durations,” the authors said.
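The two signals the authors name, lengthened routes and abnormal durations, can be checked over a series of path observations. The sketch below is an added illustration, not the researchers' route tracing system: the prefixes, AS numbers and hourly measurements are constructed from documentation-reserved ranges, and the function names and thresholds (`extra_hops`, `min_hours`) are assumptions.

```python
from statistics import median

def sample_observations():
    """Constructed hourly path measurements, not real routing data.
    Prefixes and AS numbers come from documentation-reserved ranges."""
    normal_a, detour_a = (64496, 64497, 64500), (64496, 64497, 64510, 64511, 64498, 64500)
    normal_b, detour_b = (64496, 64499, 64501), (64496, 64499, 64510, 64502, 64501)
    obs = []
    for hour in range(24):
        obs.append((hour, "192.0.2.0/24", detour_a if 8 <= hour <= 16 else normal_a))
        obs.append((hour, "198.51.100.0/24", detour_b if hour == 5 else normal_b))
    return obs

def find_detours(observations, extra_hops=2, min_hours=6):
    """Group consecutive lengthened-path observations into episodes.
    extra_hops and min_hours are illustrative thresholds (assumptions)."""
    by_prefix = {}
    for hour, prefix, path in sorted(observations):
        by_prefix.setdefault(prefix, []).append((hour, path))
    episodes = []
    for prefix, rows in by_prefix.items():
        # Baseline: the median path length seen for this prefix. Assumes the
        # normal path is the one observed most of the time.
        limit = median(len(path) for _, path in rows) + extra_hops
        normal_ases = {asn for _, path in rows if len(path) < limit for asn in path}
        run = []
        for hour, path in rows + [(None, ())]:  # sentinel flushes the final run
            if hour is not None and len(path) >= limit:
                run.append((hour, path))
                continue
            if run:
                duration = run[-1][0] - run[0][0] + 1
                episodes.append({
                    "prefix": prefix,
                    "start_hour": run[0][0],
                    "duration_hours": duration,
                    # ASes that appear only while the path is lengthened
                    "added_ases": sorted({a for _, p in run for a in p} - normal_ases),
                    "label": "suspicious" if duration >= min_hours else "transient",
                })
                run = []
    return episodes

if __name__ == "__main__":
    for episode in find_detours(sample_observations()):
        print(episode)
```

A one-hour detour is labelled transient, consistent with a quickly corrected configuration mistake, while the nine-hour detour is flagged for an analyst to review along with the ASes that appeared only during it.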
China’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking