A report delivered to Congress Wednesday says that for a 20-minute period in April, a Chinese state-owned telecommunications firm redirected Internet traffic through its own servers, highlighting concerns over possible ‘sniffing’ of the data within. The traffic included packets from US government and military networks, it claims.
The U.S.-China Economic and Security Review Commission said that it could not tell whether or not the redirecting was unintentional or deliberate, however it did argue that it could lead to “severe malicious activities.” It is believed to be the largest redirection of Internet traffic in the history of the Internet.
Traffic on 15 percent of the world’s Internet routes would have passed through this redirection. How traffic is routed on the Internet is based on something called a “routing table.” This roadmap of sorts tells data how to make its way from one destination to the other. In this case, China Telecom adjusted these tables to redirect traffic through its own servers.
Packets from government agencies such as the Office of the Secretary of Defense and Department of Commerce were now told to pass through China Telecom’s servers, as were packets from the Army, Navy and Marine Corps. Private companies were also affected, including Dell, Microsoft and IBM.
While the commission seemed to maintain that it didn’t know if it was intentional, the fact that every major branch of the armed forces was affected as well as sensitive agencies and the nation’s largest technology companies seems suspicious. The disclosure is also sure to stoke new fears over China’s Internet spying efforts.
Experts say that it would not be difficult for China to spy and even modify traffic as it came through its servers, although this redirection was only adding milliseconds to the overall travel time of data packets. Either way, most sensitive government traffic is encrypted and extremely difficult to decode.
To its defense, China Telecom has denied even redirecting US traffic.