China denies “hijacking” traffic

A Congressional report claims a state-run communications firm in China “hijacked” internet traffic for 18 minutes in April. China Telecom has denied the charge.

The claims come in the annual report of the US-China Economic and Security Review Commission, which appears to be based on the policy that “If you can’t beat them, join them… but keep your eyes open.”

As well as discussing the fact that US businesses have (like many other websites around the world) been affected by China’s government filtering system for the web, and that US firms such as Google were hit with hacking attacks earlier this year in the country, the commission claims that:

For about 18 minutes on April 8, 2010, China Telecom advertised erroneous network traffic routes that instructed U.S. and other foreign Internet traffic to travel through Chinese servers. Other servers around the world quickly adopted these paths, routing all traffic to about 15 percent of the Internet’s destinations through servers located in China.

The “erroneous network traffic routes” issue effectively means that China Telecom was falsely telling the Internet as a whole that the best way to reach the sites was through its servers. The basis of how the net works means that each server trusts information from other servers, including such claims about routing options.

The report says a range of US military and government websites were those whose inbound and outbound traffic was misrouted. It acknowledges that there is no way of knowing whether this was a deliberate attack or a genuine error.

It also says it cannot “determine what, if anything, Chinese telecommunications firms did to the hijacked data,” though that doesn’t stop it speculating. One named contributor, Danny McPherson of Arbor Networks, speculates that the idea may have been to divert such a huge amount of traffic to disguise an attempt to access a specific data source.

The report also details the botched attempts of Chinese officials to block domestic users from accessing a variety of leading sites such as YouTube: the attempts went wrong and wound up blocking access to users in other countries including the US.