Internet traffic to some of the big tech company’s site was briefly redirected to Russia earlier this week. This appears to be a Border Gateway Protocol (BGP) attack on the sites. Sites of tech firms including the likes of Facebook, Google, Microsoft, Apple and Riot Games got affected by a Russian Autonomous system.
The worrying factor is that BGP routes large-scale amounts of traffic among Internet backbones, ISPs, and such other large networks. The internet monitoring service BGPMon shows revealed about the unexplained incident in a blog post the next day. The attack affected around 80 separate address blocks of big tech firms.
The BGP redirects occurred twice on Tuesday and were retained for around 3 minutes. The first incident took place between 04:43 and 04:46 UTC and the second occurred between 07:07 and 07:10 UTC.
According to BGPMon,
“Even though these events were relatively short-lived, they were significant because it was picked up by a large number of peers and because of several new more specific prefixes that are not normally seen on the Internet. So let’s dig a little deeper.”
Internet service providers of major countries got affected including the ISPs of the US such as Hurricane Electric and Zayo, Telstra in Australia, and NORDUnet joint project of several Nordic countries. The incident is predicted to be suspicious as the prefixes that were affected comprise of all high profile addresses.
This is not the first time that a Russian network is blamed for breaking security protocols of the US-based tech companies. Even the Russian intelligence has been found guilty of affecting social networks like Facebook and news feed of Google for propagating Fake News.