Media Reports on Worst Ever Internet Hijack Targeting Google
(Minghui.org) When everyone's smartphone, computer, and other electronic devices become tools to monitor our every move, how are we going to protect ourselves?
Attack on Google Worst in Firm's History
A cyber attack on Google took place this past Monday (November 12, 2018) and drew wide media attention. The attack diverted Internet traffic and disrupted Google services, including search, cloud-hosting services, and G Suite (its bundle of collaboration tools for businesses).
The Wall Street Journal published an article titled “Google Internet Traffic Is Briefly Misdirected Through Russia, China”on the day of the attack.
The Associated Press (AP) published an article the next day, titled “Internet traffic hijack disrupts Google services.”
The Daily Mail, the third-most-circulated daily newspaper in the UK, also published an online article on the same day as AP. The article was titled “Russia and China's 'attack on Google': Virtual wargame 'experiment' hits search giant with 'worst ever' internet hijack that intercepted search, cloud and business services.”
According to the Daily Mail, the highlights of the attack included,
“- An internet traffic diversion disrupted Google services and re-routed its data - Major internet providers in China and Russia intercepted data from Google users- Attack may prelude more wide-scale attacks from the nations involved in future- Interruptions lasted for nearly 1.5 hours until 10:30pm GMT (5:30pm EST)”
Google said it didn't believe the traffic hijacking was malicious, but security experts said that it has been hit by the “worst ever” internet hijack in the company's history.
The Daily Mail article reported, “Data belonging to users across the globe was intercepted by servers in Nigeria, China and Russia - including those run by major state-owned telecoms providers.”
The article also cited security experts as saying that “the hack was a 'wargame experiment' - meaning it may prelude similar, more wide-scale attacks from the nations involved in future.”
Google said it has no reason to believe Monday's incident was malicious, but it failed to quell fears for the security of its millions of users' personal data.
The company has been hit with a series of high-profile data leaks. Last month's breach of its Google+ social network exposed the private information of an estimated 500,000 people. It has been under increasing pressure to protect its users.
The Daily Mail article explained that the latest attack on Google, namely, traffic misdirection, is also known as border gateway protocol (BGP) hijacking, which can knock essential services offline and facilitate espionage and financial theft. The misdirection could be a result of either misconfiguration (human error) or malicious action.
The article cited two recent cases in which traffic rerouting hit financial sites and potentially exposed people's private data to malicious hackers. “In April 2017, a state-owned Russian Telecoms firm hijacked the traffic of MasterCard and Visa, allowing them enumerate who was initiating connections.” The second case took place a year later, with “another hijacking enabling hackers to steal $152,000-worth (£118,000) of the cryptocurrency Ether from users of the website EtherWallet.com.”
“Google network traffic normally travels through vetted service providers. A US-based Chinese 'Point of Presence' (PoP)—a legal Internet access point that allows Chinese citizens to access US sites—intercepted this data and sent it to China Telecoms,” the article reported.
The article included the following three images to illustrate how the latest attack on Google unfolded:
“This image shows an outage map of Google service in the US. Interruptions lasted for nearly one and a half hours and ended about 10:30pm GMT (5:30pm EST), network service companies said”
“Traffic was was intercepted by servers in Nigeria, China and Russia - including those run by major state-owned telecoms providers”
“This graphic shows traffic from network intelligence company ThousandEyes in San Francisco being re-routed through China”
The Daily Mail article reported that Network intelligence company ThousandEyes uncovered the hijack. One of its executives, Alex Henthorn-Iwane, called Monday's incident the worst affecting Google that his company has seen. He suspected nation-state involvement because the traffic was effectively landing at state-run China Telecom. His company named China Telecom, Transtelecom (a Russian Internet provider), and ISP MainOne (a Nigerian provider) as companies involved in the attack.
The article cited a recent study by U.S. Naval War College and Tel Aviv University scholars that found that China systematically hijacks and diverts U.S. Internet traffic.
Professor Alan Woodward, a computer scientist at the University of Surrey, was cited as saying “the hijack could have been part of an elaborate surveillance scheme.” He said: “Access to people's data is a 'strategic asset' for surveillance, and Russia and China have carried out hijack attacks to collect that data before.”
The Daily Mail article also included the following two images about people venting their frustration on Twitter:
“People took to Twitter to vent their frustrations, with one user writing 'I have no idea what to do with my life'”
“Some users asked if the 'whole internet' went down during the outage, which was caused by what security experts fear was the 'worst ever' internet hijack in the company's history”
Encrypted Communication Not Entirely Secure
The Daily Mail article also warned readers that encrypted communication is not entirely secure. The article stated,
“Most data like your online messages are encrypted, meaning anyone with access to that data could not easily read them.
“But while they could not read the messages themselves, they could track who talked to whom, when, and for how long.
“This would be useful information to help build up intelligence data on high-profile individuals of interest to foreign governments.”
Once the encryption service providers are hacked or threatened by foreign governments, everything is fair game—whatever texts, audios, images, and videos shared through phones, computers, and other electronic devices may be monitored, analyzed, misused, or abused.
Data Collection and Surveillance Is Everywhere
Data collection and surveillance has penetrated every aspect of our lives, as long as we use computers, phones, or even appliances that have Internet connection.
On June 22, 2016, The New York Times published an article titled “Mark Zuckerberg Covers His Laptop Camera. You Should Consider It, Too.”
The article explained, “The taped-over camera and microphone jack are usually a signal that someone is concerned, perhaps only vaguely, about hackers’ gaining access to his or her devices by using remote-access trojans—a process called 'ratting.'”
And, “...according to a 2015 report released by the nonprofit Digital Citizens Alliance, the practice is a growing problem for consumers, especially young women. The report also said that trojans account for some 70 percent of all malware.”
The article cited Stephen Cobb, senior security researcher at ESET (a Czech-based data security firm), as saying, “People who are not billionaires or high-ranking government officials are not without risk... For people who are not C.E.O.s, the threat is people scanning the internet for accessible webcams for a range of motives, from voyeurism to extortion.”
Security experts support Zuckerberg's practice: “Covering the camera is a very common security measure,” Lysa Myers, another security researcher at ESET, said in an email to The New York Times, which reported that former FBI director James Comey also taped over the webcam on his personal laptop.
Where Is the World Heading?
While covering the camera is simple to do, can you stop surfing the Internet in today's digital age?
Many people cannot function without the Internet. They can't do their job, make phone calls, contact family and friends, use online banking, or pass the time. Every Google search they make is providing private information to Google. Every app update they run is likely to result in their being closely monitored. Big data spares no one in the human race.
The non-stop, omniscient data collection targets all kinds of personal information, such as name, gender, address, phone numbers, email accounts, contacts, height, weight, IP, photos, audios, videos, shopping habits, lifestyle, health, bank information, fingerprints, DNA, passwords, credit card information, and even our posture.
And that is not all. In addition to Google, the “global government” in the virtual world that surveils every aspect of our lives, i.e., computer makers and Internet providers, are also sparing no efforts to collect our information. It is an understatement to say there is no such thing as privacy in this digital world.
Such data collection and analysis is being done continuously even without our knowledge. Who is interested in the information collected? Intelligence agencies? Ad companies? The Chinese government? The Russian government? Cybercriminals? Or those who go all out to harm other people for their own gain?
In today's society when people have lost their moral compass, is there an effective, comprehensive, and absolute way to protect ourselves when faced with the virtual world? Or are we, whether we are average citizens or business gurus, hopelessly being monitored at all times?
How are we going to protect ourselves? How can we regain peace of mind? Where is the world heading?
Related Reports:
Fellow Practitioners, Please Consider Covering Webcams On Our Computers
Paying Attention to Security and Safety Is Essential