Vast amounts of European mobile traffic re-routed through China Telecom
News / Massive chunks of European mobile traffic re-routed through China Telecom
13 June 2019
Vast amounts of European mobile traffic were re-routed through China Telecom’s network for over two hours last Thursday, giving rise to fears that such traffic could have been intercepted by Chinese agencies before making their way back to European ISPs.
The re-routing of European mobile traffic occurred due to a Border Gateway Protocol (BGP) leak at the Safe Host data centre in Switzerland that resulted in over 70,000 routes being re-routed via the Chinese ISP rather than traditional ones.
While BGB leaks do occur from time to time, the failure of China Telecom to implement basic routing safeguards to prevent such leaks or to remediate routing leaks quickly resulted in so much European mobile traffic being re-routed through the ISP, that too for over two hours when such leaks shouldn’t last for more than a few minutes, said Doug Madory, director of Oracle’s internet analysis division.
“Today’s incident shows that the internet has not yet eradicated the problem of BGP route leaks. Two hours is a long time for a routing leak of this magnitude to stay in circulation, degrading global communications,” he said.
The massive leak impacted a number of European ISPs such as KPN of the Netherlands, Swisscom of Switzerland, and Numericable-SFR and Bouygues Telecom of France. It also resulted in major reductions in Internet speeds for the duration of the leak.
China Telecom behind major outage in London last week
Reportedly, the route leak was also behind major network outages in London last Thursday that cut access to WhatsApp. Network monitoring company ThousandEyes had initially held a Cogent data centre in London responsible for the outage but later told FierceTelecom that China Telecom was responsible for the same.
“What we can share now is that Cogent, like many service providers, accepted a route leak that originated from a Swiss colocation company called Safe Host and was propagated by China Telecom (a Cogent peer). Due to this route leak, China Telecom was inserted into the internet path for many services. Unfortunately, China Telecom either dropped the traffic or was suffering significant packet loss that impacted these services.
“In the case of WhatsApp, Cogent’s routers in London were the last hops in the internet path that handed off traffic to China Telecom. Our further analysis is showing that the likely source of the packet loss occurred in the connection between Cogent’s and China Telecom’s networks. Since we saw significant evidence of packet loss at other points in China Telecom’s network, it is likely that China Telecom was the provider that dropped the traffic,” it said.
Jay has been a technology reporter for almost a decade. When not writing about cybersecurity, he writes about mobile technology for the likes of Indian Express, TechRadar India and Android Headlines