- Unbeliebable: White House turns Bieber petition response into immigration screed
- Obama signs law denying Iran ambassador’s visa, but says law is ‘advisory’
- Mich. judge to laughing convicted killer: ‘I hope you die in prison’
- Man charged in Kansas City-area highway shootings
- Keystone XL pipeline still on hold after State Dept. decision
- Fla. man charged with killing 16-month-old son to play Xbox undisturbed
- Drones from the deep: Pentagon develops ocean-floor attack robots
- Michigan mayor slaps back atheists’ try to erect ‘reason station’ at city hall
- PHILLIPS: Where is the conservative establishment?
- 7.5-magnitude earthquake shakes southern Mexico
Internet traffic was routed via Chinese servers
U.S. military sites included
Nearly 15 percent of the world’s Internet traffic, including that of many U.S. government and military sites, was briefly redirected through computer servers in China in April, according to a congressional commission report due out this week.
It is not clear whether the incident was deliberate, but the capability could enable severe malicious activities including the diversion of data and the interception of supposedly secure encrypted Internet traffic, the U.S.-China Economic and Security Review Commission states in a report to Congress.
A draft copy of the report, which is to be released Wednesday but viewed by The Washington Times, reports for the first time that .gov and .mil websites were affected by the 18-minute-long April 8 redirection, including those for the Senate, all four military services, the office of the secretary of defense, the National Aeronautics and Space Administration, the Department of Commerce, the National Oceanic and Atmospheric Administration “and many others,” as well as commercial websites including those of Dell, Yahoo, Microsoft and IBM.
In effect, Internet traffic to and from those sites was wrongly told that the best route it could take to its destination was through servers in China.
The redirection, though brief, could have enabled “surveillance of specific users or sites [and] … could even allow a diversion of data to somewhere that the user did not intend,” the report states. The huge volume of traffic redirected could have been intended to cover a targeted attack on a single website or user.
“Perhaps most disconcertingly … control over diverted data could possibly allow a telecommunications firm to compromise the integrity of supposedly secure encrypted sessions,” the report adds.
It remains unclear whether the redirection was intentional, the report says, but it demonstrates that it is possible for malicious actors to seize control of the Internet and redirect traffic.
“Evidence related to this incident does not clearly indicate whether it was perpetrated intentionally and, if so, to what ends,” the report says. “Regardless of whether Chinese actors actually intended to manipulate U.S. and other foreign Internet traffic, China’s Internet engineers have the capability to do so.”
The commission notes that Beijing is exercising considerable control over the Internet inside China, and over the limited debate it permits on certain topics on the Web, in an effort to defuse popular demands for reform - a phenomenon it dubs “networked authoritarianism.” The news comes as Google has issued a call to Western governments to challenge Internet censorship as a restraint on global trade.
The report further notes that China has a history of “malicious computer activities” that “raise questions about whether China might seek intentionally to leverage these abilities to assert some level of control over the Internet, even for a brief period.”
Any such attempt, the report states, “would likely be counter to the interests of the United States and other countries.”
“At the very least, these incidents demonstrate the inherent vulnerabilities in the Internet’s architecture,” the report concludes.
Internet traffic moves through the network in small data packets, its route determined by instructions, known as protocols, provided by special servers around the globe.
On April 8, according to Web security specialists, a small Chinese Internet service provider published a set of instructions under the Border Gateway Protocol, that directed Web traffic from about 37,000 networks to route itself via computer servers in China.
The list was republished by China Telecom and briefly propagated itself across the global Web, which works on a trust system, with each server updating its routing instructions based on data provided by others in the network.
© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.
About the Author
TWT Video Picks
Women losing coverage under Obamacare, too
- Scalia to students on high taxes: At a certain point, 'perhaps you should revolt'
- Former Ranger breaks silence on Pat Tillman death: I may have killed him
- Special Forces' suicide rates hit record levels casualties of 'hard combat'
- Feds approve powdered alcohol; 'Palcohol' available later this year
- EDITORIAL: Mark Warner running scared?
- Army goes to war with National Guard, seizes Apache attack helicopters
- Critics rail against liberal bias for commencement speakers
- Harry Reid blasts Bundy ranch supporters as 'domestic terrorists'
- EDITORIAL: More Lerner smoking-gun emails at IRS
- EDITORIAL: Republicans finally fight back in phony 'war on women'
Top 10 handguns in the U.S.