FUD: 15% of world's internet traffic hijacked

Ryan Rawdon ryan at u13.net
Wed Nov 17 10:51:22 CST 2010

On Wed, 17 Nov 2010 11:45:14 -0500, Bob Poortinga
<bobp+nanog at webster.tsc.com> wrote:
> This is starting to be picked up by mainstream media, but was was first
> reported here (I believe):
> "Cyber Experts Have Proof That China Has Hijacked U.S.-Based Internet
> Traffic"
> "For 18 minutes in April, China.s state-controlled telecommunications
> company
>  hijacked 15 percent of the world.s Internet traffic, including data
>  U.S.
>  military, civilian organizations and those of other U.S. allies."
> This article, which quotes Dmitri Alperovitch of McAfee, is full of
> data as far as I can tell.  I assert that much less than 15%, probably
> the order of 1% to 2% (much less in the US) was actually diverted.  The
> correct statement is that 15% of the world's network prefixes were
> "hijacked",
> but the impact was minimal in the US.
> My concern is that this "report" will be presented to the US Congress
> without
> being refuted by experts in the know.
> My request is that someone with some gravitas please issue a press
> setting the facts straight on this matter.  I have been in contact with
> Goodin at The Register but I'm just a lowly grunt with a small network.

Also worth pointing out that if this was a normal prefix hijack without
them actually delivering the packets to the intended recipient (unlikely
the case), then there would be very little TCP data seen.  A few packets on
existing connections before they time out, and SYNs on new connection
attempts.  Unless they were able to push the traffic back to another ISP
which didn't see their originated routes, things would break more likely
than be "routed via" the hijacking AS.


More information about the NANOG mailing list