China ‘hijacked’ highly sensitive Internet traffic on US government and military websites earlier this year, it has been revealed.
Vast amounts of data bound for major corporate websites and U.S. military and government sites were routed via Chinese servers for 18 minutes in April.
The incident occurred when China Telecom sent incorrect routing information which told US and other foreign Internet traffic to travel through Chinese servers.
Other servers around the world quickly adopted these paths, routing all traffic to about 15 percent of the internet’s destinations through servers located in China.
Among traffic rerouted via China was that destined for the websites of the US Senate, the Office of the Secretary of Defence, Nasa and the Commerce Department.
While it is not clear whether the re-routing was intentional, China Telecom has today put out an official statement in which it has denied ‘any hijack of internet traffic’.
Details of the hijack came in a report from the U.S.-China Economic and Security Review Commission.
‘We don’t know what was done (with the data) when they got it,’ said commissioner Larry Wortzel.
It has not been established whether the traffic hijacking by China Telecom was intentional and sanctioned by Beijing.
The rerouting began at a smaller Chinese Internet Service Provider (ISP) called IDC China Telecommunication before being propagated by China Telecom.
The web traffic, much of which originated in the United States, should have gone the shortest available route and not through China.
The commission said it was unclear whether the massive amount of data affected concealed a targeted attack.
The report reads: ‘Although the Commission has no way to determine what, if anything, Chinese telecommunications firms did to the hijacked data, incidents of this nature could have a number of serious implications.
‘This level of access could enable surveillance of specific users or sites. It could disrupt a data transaction and prevent a user from establishing a connection with a site. It could even allow a diversion of data to somewhere that the user did not intend (for example, to a “spoofed” site).’
The report went on: ‘Evidence related to this incident does not clearly indicate whether it was perpetrated intentionally and, if so, to what ends. However, computer security researchers have noted that the capability could enable severe malicious activities.’
‘When I see things like this happen, I ask, who might be interested with all the communications traffic from the entire Department of Defence and federal government,’ Wortzel said.
‘It’s probably not a graduate student at Shanghai University.’
The efforts of Chinese individuals and organisations to penetrate US networks ‘appear to be more sophisticated than techniques used in the past,’ commission vice-chairman Carolyn Bartholomew said.
‘The massive scale and the extensive intelligence and reconnaissance components of recent high profile, China-based computer exploitations suggest that there continues to be some level of state support for these activities,’ Bartholomew said.
Leading Web security firm McAfee has warned of a rise in cyberattacks with political objectives, pointing to China as one of the major actors launching assaults on foreign networks.
US targets include the White House, Department of Homeland Security, US Secret Service and Department of Defence, McAfee said.
‘What could you do if you had the stream of email traffic for 18 minutes’ to and from the US Joint Chiefs of Staff, asked Wortzel.
‘Most importantly, you would get the internet addresses of everybody that communicated,’ and be able to engineer an address to plant a virus, he added.
Former US intelligence chief Michael McConnell told Congress earlier this year that the United States would lose a cyberwar if it fought one today, warning: ‘We’re the most vulnerable, we’re the most connected, we have the most to lose.’
McConnell, who served as ex-president George W. Bush’s director of national intelligence, warned a Senate panel in February that because the United States was failing to effectively mitigate the risk, ‘we are going to have a catastrophic event.’
China’s capacity to launch cyberattacks on US commercial interests was also highlighted this year after Internet giant Google threatened to completely shutter its operations in the Asian country, saying it became the target of a series of sophisticated cyberattacks there.
The commission recommended Congress call on the administration of President Barack Obama to formally investigate the ‘volume and seriousness of exploitations and attacks’ targeting federal agencies that handle sensitive military and diplomatic information.