Banks and governments targeted by invisible hijacking attacks

News

Banks and governments targeted by invisible hijacking attacks

Warwick Ashford

Net-monitoring firm Renesys says it has uncovered evidence of mass hijackings of network traffic.

Since the start of 2013, the firm has observed live man-in-the-middle hijacks on more than 60 days involving about 1,500 sets of IP addresses.

Security.jpg

These hijack attacks involve inspecting or modifying a victim’s traffic before passing it along to the intended recipient.

Renesys said criminals had re-routed data to and from finance firms, net phone services and governments during the attacks it observed.

Typically, attacks simply changed the route the traffic took to its final destination. In some cases, traffic being sent across a city travelled half way around the world before being delivered to its destination.

“It’s possible to drag specific Internet traffic halfway around the world, inspect it, modify it if desired, and send it on its way,” Renesys technology head Jim Cowie wrote in a blog post.

The firm’s observations have proved that man-in-the-middle route hijacking has now moved from a theoretical concern to something that happens fairly regularly, he said.

According to Cowie, the potential for traffic interception is very real, and everyone on the internet, especially the largest global carriers, bank or credit card processing companies or government agencies should be monitoring for this kind of intrusion.

This kind of attack should not happen and cannot be done without leaving permanent, visible footprints in global routing that point right back to the point of interception.

But, Renesys believes the attacks are taking place because in most cases nobody is looking, and therefore increased transparency is essential.

“Until the day when all routes are signed and secured (and that day may never fully arrive), the best way to prevent manipulation of trust-based routing will be to help people expose violations of trust, and recognise those who implement best practices,” said Cowie.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy