Why did 74 minutes of Google traffic get routed through Russia, China, and Nigeria this past week?
Network intelligence firm ThousandEyes sounded the alarm on Monday, as WIRED reports:
ThousandEyes saw Google traffic rerouting over the Russian ISP TransTelecom, to China Telecom, toward the Nigerian ISP Main One. "Russia, China, and Nigeria ISPs and 150-plus [IP address] prefixes—this is obviously very suspicious," says Alex Henthorne-Iwane, vice-president of product marketing at ThousandEyes. "It doesn’t look like a mistake."
Those in cybersecurity thought it looked like a case of BGP hijacking (Border Gateway Protocol), which has happened before. Like the time in 2018 when AWS traffic was hijacked and routed through Russia.
However, in this case, hackers didn't cause the switch; instead, it was human error.
Africa's digital backbone provider, MainOne, investigated and tweeted about what happened.
