In practice, if a malicious actor announces through the BGP that it owns an IP address block that actually is owned by Network 1, traffic destined for Network 1 will be routed to, or through, the malicious actor's network.[1] After receiving and inspecting the misdirected traffic, the malicious actor redirects it to the original destination point, and the traffic is delivered to its intended destination.[2] Because of the hijack, the malicious actor can access an organization's network, steal valuable data, add malicious implants to seemingly normal traffic, or simply modify or corrupt valuable data.[3] If traffic is diverted and copied, even for a small amount of time, encryption can be broken.[4] Further, detecting the attack can be extremely difficult.[5] Given that traffic is continuously flowing, it is possible that the end-recipient might not notice any increase in "latency that results from the interception."[6]
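One common way operators watch for the false ownership announcements described above is to compare observed BGP announcements against the origin they expect for their own address blocks. The following is an added example, not part of the report: the prefixes, AS numbers and announcement feed are constructed from documentation ranges, and the function names are hypothetical.

```python
import ipaddress

# Constructed inventory: address blocks held by "Network 1" and the AS expected
# to originate them (documentation prefixes and AS numbers, not real networks).
EXPECTED = {
    ipaddress.ip_network("198.51.100.0/24"): 64496,
    ipaddress.ip_network("203.0.113.0/24"): 64496,
}

# Constructed announcements as a route collector might report them:
# (prefix, AS path). The origin is the last AS in the path.
ANNOUNCEMENTS = [
    ("198.51.100.0/24", [64510, 64496]),    # expected origin
    ("203.0.113.0/24", [64510, 64511]),     # same block, unexpected origin
    ("198.51.100.128/25", [64510, 64511]),  # sub-block, unexpected origin
    ("192.0.2.0/24", [64501]),              # not one of the monitored blocks
]

def classify(prefix, as_path, expected=EXPECTED):
    """Return 'ok', 'origin-mismatch', 'more-specific' or 'unmonitored'."""
    net = ipaddress.ip_network(prefix)
    origin = as_path[-1]
    for owned, owner_as in expected.items():
        # subnet_of() raises on mixed IPv4/IPv6, so compare versions first.
        if net.version != owned.version or not net.subnet_of(owned):
            continue
        if origin == owner_as:
            return "ok"
        # A sub-block from another origin wins longest-prefix matching even
        # while the legitimate announcement is still visible.
        return "origin-mismatch" if net == owned else "more-specific"
    return "unmonitored"

def alerts(announcements, expected=EXPECTED):
    """Collect (prefix, origin AS, verdict) for announcements worth investigating."""
    found = []
    for prefix, path in announcements:
        verdict = classify(prefix, path, expected)
        if verdict in ("origin-mismatch", "more-specific"):
            found.append((prefix, path[-1], verdict))
    return found

if __name__ == "__main__":
    for prefix, origin, verdict in alerts(ANNOUNCEMENTS):
        print(f"ALERT {verdict}: {prefix} originated by AS{origin}")
```

An origin check of this kind only catches announcements that name an unexpected origin; a path that still ends in the expected AS but passes through an unexpected intermediate network is reported as "ok", which is part of why interception is hard to detect.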
Researchers allege that the Chinese government is increasingly using its state-owned telecommunications carriers to carry out hijacking attacks.[7] Chinese carriers have not established independent transmission facilities and networks outside of China.[8] Rather, as China Mobile stated in a recent SEC filing, the carriers are dependent on "interconnection arrangements and access to other networks."[9] Through these interconnection arrangements, the Chinese carriers can promote, and allegedly have promoted, false routes on the BGP.[10] Particular allegations of hijacking by Chinese state-owned carriers are discussed more below.
- See What is BGP Hijacking, Cloudflare, https://www.cloudflare.com/learning/security/glossary/bgp-hijacking/.
- See Cowie, supra note 109.
- Shavitt & Demchak, supra note 109, at 4.
- Shavitt & Demchak, supra note 109, at 4.
- See Cowie, supra note 109; BGP Hijacking Overview: Routing Incidents Prevention and Defense Mechanisms, Noction (Apr. 24, 2018), https://www.noction.com/blog/bgp-hijacking.
- Cowie, supra note 109.
- See, e.g., Doug Madory, China Telecom's Internet Traffic Misdirection, Oracle: Internet Intelligence (Nov. 5, 2018), https://internetintel.oracle.com/blog-single.html?id=China+Telecom%27s+Internet+Traffic+Misdirection; Shavitt & Demchak, supra note 109, at 3; Jesus Diaz, China's Internet Hijacking Uncovered, Gizmodo (Nov. 17, 2010), https://gizmodo.com/chinas-internet-hijacking-uncovered-5692217; Andree Toonk, Chinese ISP Hijacks the Internet, BGPMon (Apr. 8, 2010), https://web.archive.org/web/20190415002259/https://bgpmon.net/chinese-isp-hijacked-10-of-the-internet/.
- See, e.g., TT-DOJ-045-60; TT-DOJ-001-15.
- China Mobile Ltd. Annual Report Pursuant to Section 13 or 15(d) of the Sec. Exch. Act of 1934 for the Fiscal Year Ended December 31, 2019 (Form 20-F), Comm. File No. 1-14696, at 16 (filed Apr. 28, 2020), https://www.sec.gov/Archives/edgar/data/1117795/000119312520122124/d825927d20f.htm#toc825927_5 [hereinafter China Mobile FY2019 Form 20-F].
- See, e.g., Shavitt & Demchak, supra note 109.