Top 3 BGP Hijacking Hotspots to Avoid

Posted by Thibaut Parmentier on 01 April, 2021

Prevention is better than cure - in the case of BGP hijacking, it may be your only option.

BGP hijacking is a serious threat to online security: while using the internet as it is designed today, user data could be decrypted, stolen, and abused, without the user ever being aware. How does one go about protection, and what can one do to make sure they are not the next victim? Read on to find out.

BGP Hijacking - a constant threat

BGP Hijacking makes extremely damaging attacks a constant possibility when organizations and individuals send data using the current internet.

In a nutshell, BGP hijacking refers to a cyberattack where criminals steal your data by announcing false IP prefixes (which the internet uses to transmit data) that give the appearance of being more efficient. BGP automatically uses these prefixes to send your data, enabling the criminal to dictate where your data travels and to intercept it. Stolen data, service denial and ransoming are the disastrous results of such hijacking attempts.
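A defender's view of the false announcements described above, as an added example that is not part of the original post: it checks observed announcements against a table of expected origins and flags unexpected origins and unexpectedly specific prefixes. The table, the announcements and the function names are constructed for illustration, using documentation prefixes and AS numbers.

```python
import ipaddress

# Constructed expected-origin table (assumption, not real data):
# (prefix, longest prefix length the owner announces, legitimate origin AS).
EXPECTED = [
    ("203.0.113.0/24", 24, 64500),
    ("2001:db8::/32", 48, 64502),
]

# Constructed announcements, as a route collector might report them.
ANNOUNCEMENTS = [
    ("203.0.113.0/24", 64500),    # legitimate
    ("203.0.113.0/24", 64511),    # same prefix, unexpected origin
    ("203.0.113.128/25", 64511),  # more specific, so it wins longest-prefix match
    ("203.0.113.0/25", 64500),    # right origin, longer than the owner announces
    ("2001:db8:1::/48", 64502),   # legitimate sub-prefix within the allowed length
    ("192.0.2.0/24", 64510),      # no expectation recorded
]


def classify(prefix, origin_as, expected=EXPECTED):
    """Return 'valid', 'invalid-origin', 'invalid-length' or 'unknown'."""
    net = ipaddress.ip_network(prefix)
    covered = origin_seen = False
    for exp_prefix, max_len, exp_as in expected:
        exp = ipaddress.ip_network(exp_prefix)
        # subnet_of() raises TypeError across IP versions, so compare those first.
        if net.version != exp.version or not net.subnet_of(exp):
            continue
        covered = True
        if origin_as == exp_as:
            if net.prefixlen <= max_len:
                return "valid"
            origin_seen = True
    if not covered:
        return "unknown"
    return "invalid-length" if origin_seen else "invalid-origin"


def suspicious(announcements=ANNOUNCEMENTS):
    """Return (prefix, origin, verdict) for every announcement worth an alert."""
    alerts = []
    for prefix, origin_as in announcements:
        verdict = classify(prefix, origin_as)
        if verdict.startswith("invalid"):
            alerts.append((prefix, origin_as, verdict))
    return alerts
```
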

Due to the nature of the current internet, companies and users have historically not had enough defences against such attacks. However, Anapaya’s solution enables users to avoid areas where these attacks occur frequently, increasing the security and safety of their customers.

With Anapaya’s next-generation internet, businesses and people are empowered with truly revolutionary protection. Anapaya puts the control back into the hands of the users, enabling them to dictate which areas to avoid and which paths to take when directing data to its final destination.

However, to truly exercise control, users need to understand which areas to avoid and which are fine to use. This blog post will identify the top 3 locations where BGP hijacking occurs and why users should attempt to avoid them at all costs. Here are the areas where BGP hijacking occurs the most.

 

1 - China

Many BGP hijackers tend to originate from China or have Chinese links. In the past three years alone, China Telecom, the state-owned internet service provider, has been implicated in at least three major BGP hijacks, with targets ranging from European telecommunications companies to Google itself.

In the case of the Google hijack, 212 IP prefixes were stolen and the redirections came in five distinct waves over a 74-minute period. The redirected IP ranges transmitted some of Google's most sensitive communications, including the company's corporate WAN infrastructure and the Google VPN.

While proving the intention behind BGP hijacking can be difficult, companies such as Oracle have claimed the attacks, which reach as far back as 2016, are intentional. Such attacks could result in company information being leaked, users' private information being stolen and widespread service denial.

2 - Russia

Hijacking attempts, cybercrime and dubious online privacy laws seem to go hand in hand. Russia is another location that has been mired in accusations of BGP hijacking.

One of the more serious attacks occurred in April 2020, when state-owned Rostelecom in Russia redirected traffic from Facebook, Google and Amazon. The incident affected more than 8,800 internet traffic routes from 200+ networks, and lasted for about an hour. Users of the affected platforms experienced limited to no connectivity for the full hour and private information was exposed throughout the period.

Sources such as Forbes have pointed out that while mistakes are usually resolved within minutes, the attacks from Russia and China tend to last hours, with limited cooperation from the countries.

3 - Iran

Iran has been known for mass censorship and control over media such as the internet. In terms of BGP hijacking, the country has been in the spotlight for two recent major situations. In July 2018, an Iranian telecommunications company hijacked 10 prefixes of Telegram Messenger, and in an attempt at censorship in 2017 they blocked access to over 256 websites. Users of the affected websites could not access them from around the world, leaving the services down for nearly a full day. Telegram itself could not provide effective services to its users, and user data could have been exposed.

How Anapaya can counter BGP Hijacking

BGP hijacking relies on the fact that users who send data do not have control over the route it travels, which is automatically selected based on which prefixes are perceived as most efficient. Anapaya’s path control feature does away with this assumption, enabling users to control where their data travels.

Anapaya enables users to control:

  • Where the data goes
  • Which geographic areas to avoid
  • What type of route to optimise for (speed, reliability, security, etc.)
  • What backup routes to switch to in case of breach or failure
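The four controls listed above, sketched as an added example that is not Anapaya's code or API: a sender-side policy that drops every candidate path crossing an avoided region, ranks the rest for the chosen goal, and keeps compliant backups. The `Path` type, region labels, metrics and function names are hypothetical, and the candidate paths are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    name: str
    regions: tuple      # regions the path crosses, in order
    latency_ms: float
    loss_pct: float


# Constructed candidate paths between the same two endpoints (placeholders).
CANDIDATES = [
    Path("path-1", ("R1", "R2", "R3"), 95.0, 0.1),
    Path("path-2", ("R1", "R4", "R3"), 70.0, 0.1),  # fastest, but crosses R4
    Path("path-3", ("R1", "R6", "R3"), 110.0, 0.0),
    Path("path-4", ("R1", "R5", "R3"), 85.0, 0.5),  # crosses R5
]

# What "best" means for each optimisation goal; lower sorts first.
RANKING = {
    "speed": lambda p: (p.latency_ms, p.loss_pct),
    "reliability": lambda p: (p.loss_pct, p.latency_ms),
}


def select_paths(candidates, avoid, optimise="speed", backups=1):
    """Return (primary, [backup, ...]) using only paths that miss every avoided region."""
    allowed = [p for p in candidates if not set(p.regions) & set(avoid)]
    if not allowed:
        # Fail closed: never fall back to a path through an avoided region.
        raise LookupError("no candidate path satisfies the avoid list")
    ranked = sorted(allowed, key=RANKING[optimise])
    return ranked[0], ranked[1:1 + backups]


def active_path(primary, backups, failed):
    """Return the first path whose name is not in `failed` (a set of path names)."""
    for path in (primary, *backups):
        if path.name not in failed:
            return path
    raise LookupError("primary and all backup paths are down")
```

Note that the fastest candidate is never chosen when it crosses an avoided region, and that an empty result raises an error instead of relaxing the policy.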

You can read more about how Anapaya addresses BGP hijacking in this blog post here.

Retake control of your data

BGP hijacking has long been a threat to online security and will continue to be unless action is taken. By taking control of your data and where it goes, you will be in a far more secure position when using the internet for yourself and your company.

It’s time to protect the most important asset your business has - its data - with Anapaya’s Next-Generation Internet. If you would like to find out more about Anapaya’s solution, or simply more on BGP hijacking and other cyber threats, just send us a message.