China doesn’t stop surprising us. It is well known that they are considered the second “richest” country in the world and, of course, we all remember their little problem with Google. But this time, something REALLY serious took place. And it wasn’t good. It affected the US military and some civilian information. In a recent report, cybercrime experts have found proof that China hijacked the Internet for 18 minutes last April. China absorbed 15% of the traffic from US military and civilian networks, as well as from other countries. So far without explanation.
We now know, at least, how it happened. On April 8, China Telecom’s routers sent messages declaring that their network channels were the fastest available at that point. Since the traffic routing is based on trust between the world’s telecommunication providers, other Internet routers redirected their traffic through China’s network. Security expert Dmitri Alperovitch —VP of threat research at McAfee—says “We have never ever, outside of the defense industry, seen commercial industrial companies come under that level of sophisticated attack,” And adds: “It’s totally changing the threat model.” As of why this happened, nobody knows. Alperovitch added that the Chinese could have captured and manipulated data passing through their network.
While the US government says that this is not alarming, it’s certainly puzzling. It doesn’t make sense for China Telecom to act in this extraordinary way without a specific objective. Maybe it wasn’t a malicious move, but it certainly seems like a test to its network power. In any case, it seems like it can happen again at any time since it took more than seven months for someone to notice the attack.