A report from a U.S Congress advisory group, the U.S – China Economic and Security Review Commission is to show how some part of the United States Internet traffic was successfully hijacked by a major telecommunications company operating in China.
In the U.S, web traffic would normally be routed through the connections which are fastest and in most cases this would be via domestic connections. This manner of routing web traffic had proved to be previously secure in the past, however given the rate at which the internet has grown thus ensuring a greater interconnectivity with other global servers, it is not entirely impossible that some of the supposed domestic traffic could actually have been routed via foreign routers through international connections before actually been passed on to domestic servers in the U.S.
Internet traffic routed this way is open to a lot of external interventions and poses a huge security risk. Apparently, the report from the U.S advisory group is to show that this is exactly what happened during the period in question and the web traffic had been rerouted through web servers located in China.
The report indicates that several American citizens who had tried to visit some government sites such as those belonging to the Secretary of Defense, United States Senate, Commerce Department and NASA had all had their links routed via China Telecom, one of the largest telecommunications operating in China and which is largely owned by the Chinese government. Internet traffic for some commercial U.S companies was also discovered to have been rerouted for brief periods through this company.
This act may be indicative of China gauging the level of security applicable to the web traffic in the United States and the government’s ability to protect the data requests of American citizens. According to the report, while the purpose or intention behind the web traffic hijack was not exactly clear, it could serve as an avenue for more malicious online incidents targeted at U.S citizens.
While China Telecom has not exactly denied the occurrence of such incidents, they have however categorically denied carrying out intentional hijacks of web traffic belonging to U.S citizens or American corporations.
Other incidents noted in the report include cybercrimes and attacks specifically targeted against corporations in the U.S and individual Americans. Some of these include phishing attacks aimed at getting users to compromise personal data or passwords. The report also includes details of the theft of some source code on which Google’s search engine is based. Majority of these attacks according to the report are believed to have originated from China, with Baidu the leading search engine in China being largely suspected by some to be behind the theft of the source code belonging to Google.