Hijacked? UK's Nuclear Weapons Data Re-Routes and Travels via Ukraine
Sensitive internet data from British company Royal Mail and the UK Atomic Weapons Establishment (AWE) has passed through Russia and Ukraine via insecure connections, according to internet performance and analysis company Dyn.
An article published on technewstoday.com suggests "web traffic originating from Texas, intended for certain addresses in the UK has been taking an unconventional route to its destination, through Ukraine and Russia".
According to research carried out by Dyn, Ukrainian telecom provider Vega "began announcing 14 British Telecom (BT) routes, resulting in the redirection of Internet traffic through Ukraine for a handful of BT customers". This includes the UK's Atomic Weapons Establishment.
AWE is 'responsible for the design, manufacture and support of warheads for the United Kingdom's nuclear deterrent'.
Doug Madory, Director of Internet Analysis at Dyn, said "At this point, I have to believe this was an innocent mistake by Vega, but it's concerning nonetheless."
Meanwhile, an AWE spokesperson told Sputnik:
"AWE takes security of all communication very seriously but we do not comment on the measures we have in place."
An expert in computer networks who wanted to remain anonymous told Sputnik News that the re-route appears to be a configuration error.
"This doesn't look like route-hijacking, it could just be the protocol on the routing hardware. It looks like a configuration error to me", he said.
"Basically, the problem is that one of the network operators has messed up their configuration meaning something has changed resulting in the internet traffic travelling through a different route.
"There is an opportunity for that information to be manipulated — so what these companies involved need to do now is see how long the alternative route was open — and work out what information may have been leaked and what data was traveling insecurely.
"But we'll never know".
According to the computer network expert, "somebody in Russia or Ukraine has the potential to read, intercept and manipulate the insecure data and potentially do what they want with that information".
"They could manipulate the data in real time — and now the proper settings have been reinstated, they've still got the historical data."
But this, he says, isn't much of a concern for the public.
"I don't think an engineer would have made active changes, it could be a computer doing it and logging and alerting should be in place.
"I'm fairly confident that AWE would make sure that the data would be very safe. It looks like a configuration error to me."
In April 2010, China swallowed 15 percent of US internet traffic for 18 minutes. The US-China Economic and Security Review Commission told the US Congress:
"For about 18 minutes on April 8, 2010, China Telecom advertised erroneous network traffic routes that instructed US and other foreign Internet traffic to travel through Chinese servers… This incident affected traffic to and from US government and military sites, including those for the Senate, the Army, the Navy, the Marine Corps, the Air Force, the office of Secretary of Defense, the National Aeronautics and Space Administration, the Department of Commerce, the National Oceanic and Atmospheric Administration, and many others. Certain commercial websites were also affected".
According to arstechnica.com this is known as "IP hijacking, a well-known routing problem in a worldwide system based largely on trust. Routers rely on the Border Gateway Protocol (BGP) to puzzle out the best route between two IP addresses; when one party advertises incorrect routing information, routers across the globe can be convinced to send traffic on geographically absurd paths".
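Because BGP accepts announcements largely on trust, a network that wants the logging and alerting mentioned above has to compare what is being announced for its own prefixes against what it expects. The following is an added example, not code from the article, Dyn or any operator named in it: the policy table, function names, prefixes and AS numbers are all constructed, using ranges reserved for documentation. It goes slightly beyond the article by also flagging more-specific announcements, which routers prefer over the legitimate route.

```python
import ipaddress

# Constructed policy: monitored prefix -> (expected origin AS, approved upstream ASes).
# All prefixes and AS numbers come from ranges reserved for documentation.
POLICY = {
    ipaddress.ip_network("192.0.2.0/24"): (64500, {64501, 64502}),
    ipaddress.ip_network("2001:db8::/32"): (64500, {64501}),
}

def check_announcement(prefix, as_path):
    """Return findings for one announcement; an empty list means nothing unusual."""
    net = ipaddress.ip_network(prefix)
    # Collapse AS-path prepending (the same AS repeated) before inspecting neighbours.
    path = [a for i, a in enumerate(as_path) if i == 0 or a != as_path[i - 1]]
    findings = []
    for monitored, (origin, upstreams) in POLICY.items():
        if net.version != monitored.version or not net.subnet_of(monitored):
            continue  # announcement does not cover address space we monitor
        if not path:
            findings.append("empty-as-path")
            continue
        if net.prefixlen > monitored.prefixlen:
            # Longest-prefix match means routers prefer this over the legitimate route.
            findings.append("more-specific-of-" + str(monitored))
        if path[-1] != origin:
            findings.append("unexpected-origin-AS%d" % path[-1])
        elif len(path) > 1 and path[-2] not in upstreams:
            # Origin is right, but traffic now enters via a network we never approved.
            findings.append("unexpected-upstream-AS%d" % path[-2])
    return findings

# Constructed sample announcements as (prefix, AS path seen by a route collector).
SAMPLE_UPDATES = [
    ("192.0.2.0/24", [64510, 64501, 64500]),         # normal
    ("192.0.2.0/24", [64510, 64505, 64500, 64500]),  # detour via AS64505
    ("192.0.2.128/25", [64510, 64506]),              # more specific, wrong origin
    ("2001:db8::/32", [64510, 64502, 64500]),        # upstream not approved for this prefix
    ("203.0.113.0/24", [64510, 64507]),              # not monitored
]

def scan(updates):
    """Map each anomalous (prefix, path) to its findings, skipping clean ones."""
    return {(p, tuple(path)): f for p, path in updates if (f := check_announcement(p, path))}

if __name__ == "__main__":
    for (prefix, path), found in scan(SAMPLE_UPDATES).items():
        print(prefix, path, found)
```

The second sample is the case that is easiest to miss: the origin AS is still correct and traffic still arrives, so only the unexpected neighbour in the path reveals the detour.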