Mar 30, 2022 13:25:00

There was a situation where Twitter traffic was temporarily changed to the setting to go through Russia

It was revealed that some of Twitter's Internet traffic was temporarily going through Russia's major Internet Service Providers (ISPs).

Some Twitter traffic briefly funneled through Russian ISP, thanks to BGP mishap | Ars Technica

https://arstechnica.com/information-technology/2022/03/absence-of-malice-russian-isps-hijacking-of-twitter-ips-appears-to-be-a-goof/

According to the network monitoring service, RTComm , a major Russian ISP, misconfigured the Internet routing table, causing some of Twitter's network traffic to temporarily pass through Russia. After this continued for 45 minutes, RTComm advertised that other ISPs shouldn't use their network to connect to Twitter's IP address. However, even before RTComm advertised, it seems that most major ISPs have taken safety measures to prevent them from complying with routing directives.

Border Gateway Protocol (BGP) is a way for one ISP to find and connect to ISPs in another region. Normally, one engineer uses a BGP table to announce that the network is the correct path to send and receive traffic to and from a particular network.

However, because BGP is a protocol that was initially set up on the Internet, it has become awkward as the Internet has grown. In some cases, BGP misconfigurations in one country can quickly spread and cause major network outages and other problems. For example, in 2008, after a Pakistani ISP made changes to the BGP table, YouTube became inaccessible worldwide.

Such BGP accidents can be mere misconfigurations or intentional malicious acts. In 2013, it was detected that a huge amount of Internet traffic related to US-based financial institutions, government agencies, and ISPs was repeatedly set to go through Russia. It has been pointed out that this unexplained situation may be a Russian conspiracy to monitor the network.

Doug Madory, Internet analysis director at network monitoring company Kentik , said of the situation where Twitter traffic was set to go through Russia, 'The Russian government tried to block access to Twitter by domestic people. I'm guessing it's the result.

Madory told foreign media Ars Technica, 'There are multiple ways to block traffic to Twitter. Russian carriers have their own implementation of government-led network blocking capabilities and use BGP. You may choose to drop the traffic to a specific IP range. The network that accepts the hijacked route will send the traffic to Twitter's IP space in this range and then to Russia. It is possible to send the to the appropriate destination, but in this case it was not. '

The spread of network monitoring and routing using BGP, as well as the man-in-the-middle attacks they enable, emphasizes that HTTPS and other encrypted connections play an important role in protecting the Internet, Ars Technica said. Pointed out. By using an encrypted connection like HTTPS, even if a malicious organization controls an IP address that belongs to Google, that organization will create a fake Google page with a valid HTTPS certificate. I can not do it.