Russia’s Rostelecom Briefly Had Unauthorized Access to Sensitive Financial Internet Traffic

It’s never good to learn a telecom operator successfully hijacked internet traffic. The situation only gets worse when we learn financial services were targeted by this Russian-controlled telecom. Among the companies affected are Visa, MasterCard, and several dozen other financial service providers. It appears this was an error on the telecom operator’s side.

An Error or Malicious Intent?

That is the main question on everybody’s mind right now. On paper, it appears this glitch was caused by an unknown anomaly found in the Border Gateway Protocol (BGP), which routes internet traffic among ISPs and internet backbones across borders. What is rather peculiar is how one telecom operator, controlled by the Russian government, suddenly and successfully received this sensitive financial data.

Although it is possible a human error was the cause of this mishap, not everyone thinks that is the case. Uneasy political relations between Russia and the US could have been a driving factor for this potentially purposeful traffic hijacking. With companies such as MasterCard and Visa affected, it is not hard to see why people are thinking along those lines. The anomaly lasted for less than seven minutes, although a lot of data was transmitted through the Russian telecom during that time.

Moreover, the financial internet traffic was redirected to this Russian telecom operator on purpose, according to a preliminary investigation. It is impossible for this traffic to end up in the operator’s hands automatically, thus there must have been some manual intervention at some point. However, this has not been officially confirmed and should be treated as mere speculation by security analysts for now.

While it is true internet traffic for major financial service providers routes through many different ISPs and other service providers, this is always done through authorized entities. This particular incident is quite disconcerting, since Russia’s Rostelecom was not one of those authorized entities [at that time], yet they ended up controlling the data for up to seven minutes. Once the anomaly was resolved, the regular routing process resumed. This is a very strange turn of events, as it could have allowed Russian analysts to manipulate traffic during this brief window of time. It does not appear that happened, though.
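The "authorized entities" point above can be turned into a monitoring check. The following is an added example, not part of the original article: it compares BGP announcements against the origin ASes a prefix owner has authorized. The policy, prefixes, AS numbers, updates and function names are all constructed for illustration, using the documentation ranges from RFC 5737 and RFC 5398.

```python
import ipaddress

# Constructed policy (assumption): monitored prefix -> origin ASNs its owner authorizes.
# Prefixes are RFC 5737 documentation ranges; ASNs are RFC 5398 documentation ASNs.
AUTHORIZED = {
    "192.0.2.0/24": {64496},
    "198.51.100.0/24": {64497, 64498},
}

# Constructed announcements: (prefix, AS path). The last AS in the path is the origin.
UPDATES = [
    ("192.0.2.0/24", [64510, 64496]),      # authorized origin, exact prefix
    ("192.0.2.0/25", [64510, 64511]),      # more-specific from an unlisted origin
    ("198.51.100.0/24", [64499, 64511]),   # exact prefix from an unlisted origin
    ("198.51.100.128/25", [64497]),        # more-specific from an authorized origin
    ("203.0.113.0/24", [64510, 64500]),    # prefix nobody asked us to monitor
]


def classify(prefix, as_path, policy=AUTHORIZED):
    """Return 'ok', 'origin-mismatch', 'more-specific' or 'unmonitored'."""
    net = ipaddress.ip_network(prefix)
    origin = as_path[-1]
    for monitored, origins in policy.items():
        mon = ipaddress.ip_network(monitored)
        # subnet_of() raises TypeError across IP versions, so compare versions first.
        if net.version != mon.version or not net.subnet_of(mon):
            continue
        if origin not in origins:
            return "origin-mismatch"   # covered address space, unauthorized origin
        # Longest-match forwarding prefers a longer prefix, so flag it even here.
        return "ok" if net == mon else "more-specific"
    return "unmonitored"


def alerts(updates, policy=AUTHORIZED):
    """Return (prefix, origin, verdict) for every announcement that needs review."""
    found = []
    for prefix, as_path in updates:
        verdict = classify(prefix, as_path, policy)
        if verdict in ("origin-mismatch", "more-specific"):
            found.append((prefix, as_path[-1], verdict))
    return found


if __name__ == "__main__":
    for prefix, origin, verdict in alerts(UPDATES):
        print(f"{verdict}: {prefix} originated by AS{origin}")
```

An origin check of this kind does not detect an announcement that keeps the legitimate origin AS at the end of a forged path.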

For the time being, this incident is labeled as an inadvertent anomaly, although a more thorough investigation is still under way. It is hard to tell if a different outcome will be achieved once the investigation concludes. One thing is certain: incidents like these warrant further investigation, as hijacking financial internet traffic can have major consequences. It would not be the first time this type of internet traffic has been purposefully hijacked either, as a similar incident occurred in 2013.

It is evident we may need to rethink the way particular types of internet traffic are routed automatically. Using BGP routing announcements may no longer be as secure as once assumed. Involving third parties as data is broadcast will only cause more problems as time progresses. It is possible blockchain technology can play a big role in improving this process moving forward, although only time will tell whether or not that will be the case.
