- A Nigerian ISP hijacked Google’s internet traffic that caused the tech giant’s services to be unavailable for over an hour.
- Google’s user traffic was routed via Russia and Nigeria before the tech giant’s IP prefixes were leaked to the Chinese state-owned telecom provider called China Telecom.
Google’s services were down for over an hour on November 12 after its internet traffic was hijacked by a little-known Nigerian internet service provider (ISP). Google’s user traffic was routed via Russia and Nigeria before the tech giant’s IP prefixes were leaked to the Chinese state-owned telecom provider called China Telecom.
Coincidentally, China Telecom is the same organization that security researchers recently blamed for helping Chinese intelligence agencies of spying on and stealing from US businesses. The brief Google outage was also caused by BGP hijacking, which is considered alarming, as it allows an unauthorized party to exchange the routing of information.
“The outage not only affected G Suite, but also Google Search as well as Google Analytics,” security researchers at ThousandEyes said in a report. “Overall ThousandEyes detected over 180 prefixes affected by this route leak, which covers a vast scope of Google services. Our analysis indicates that the origin of this leak was the BGP peering relationship between MainOne, the Nigerian provider, and China Telecom.”
The outage was first detected by the internet monitoring service BGPmon, who confirmed that the incident was caused by the Nigerian ISP MainOne, ZDNet reported. In the aftermath of the outage, MainOne took to Twitter to clarify that the incident was caused due to a misconfiguration error during a planned network upgrade.
“Even corporations like Google with massive resources at their disposal are not immune from this sort of BGP leak or malicious hijacks,” ThousandEyes researchers added. “MainOne took 74 minutes to either notice or be notified of the issue and fix it, and it took about three-quarters of an hour more for services to come back up.”
The Google outage is further proof of how dangerous BGP hijacking attacks can be and how they appear to be escalating. Earlier this year, cybercriminals hijacked a DNS provider to conduct a massive cryptocurrency heist.