Someone Forced World Internet Traffic Through Belarus and Iceland

Someone Forced World Internet Traffic Through Belarus and Iceland: This is a deeply technical but potentially very troubling story. Imagine one day you’re using the Internet the same way you do every day. Reading the news, shopping, sending email, checking your bank and credit card balances. Maybe even doing some work for your employer.

Typically, but not always, the bits being sent from your computer, tablet or phone will flow from where you are to where they need to be via the most direct route available.

But what if they didn’t? What if someone slipped in between you and the various servers you’re connecting with and diverted your traffic elsewhere, funneling it through a choke point of their choosing, so they could capture, copy and analyze it? Your data takes some extra — and imperceptible — milliseconds to get where it’s going and ultimately everything you’re doing online works just fine. But your traffic has been hijacked by parties unknown and you’re none the wiser that it has happened.

In network security circles, this is what’s known as a Man-In-The-Middle attack. And for years it has been understood to be possible in theory, but never seen in practice. That changed earlier this year when someone — it’s unclear who — diverted Internet traffic from some 150 cities around the world through networks in Belarus and Iceland.

The troubling disclosure came yesterday from the research company Renesys. The firm specializes in tracking the operational health of global Internet infrastructure. When Internet traffic goes down in one country or another, whether because of a natural disaster or political unrest, Renesys is usually among the first to see it.