BGP hijacking: massive Internet disruptions in the Telekom landline network

BGP hijacking: massive Internet disruptions in the Telekom landline network

With an apparently large number of Deutsche Telekom landline connections, there are sometimes major problems on Thursday mornings. The company itself said on Twitter that Microsoft services and Cisco’s Webex are affected. The services could not be used from the landline network, they are already working on fixing them. In some cases, restarting the router can help, it also says. Those affected have already replied that the tip did not help them.

One more case of BGP hijacking is apparently responsible for the problems. Providers advertise IP address blocks as their own, which do not even belong to them. As a result, the traffic directed to the addresses is redirected to the actual destination via the hijacker (“hijacker”). In the current case, a Bulgarian provider was probably responsible, as initial analyzes suggest. It has been known for years that this is possible with little effort and is one of the major security gaps in the Border Gateway Protocol, via which Internet subnetworks of companies and providers connect to one another to the Internet. A remedy for laying wrong BGP routes was specified in the form of cryptographic protection via RPKI, but the technology is only spreading gradually.

[Update 29.07.2021 – 11:00 Uhr] The disruptions have also been observed at Microsoft and responded with their own countermeasures, announced the US group in the morning. In the meantime the problems seem to have been resolved. At least that is what reports from those affected suggest. Further information is not yet available.

[Update 29.07.2021 – 11:10 Uhr] Information on BGP hijacking added.

[Update 29.07.2021 – 13:00 Uhr] In the meantime, Telekom has also confirmed that the underlying problem has been resolved.


Article Source

Disclaimer: This article is generated from the feed and not edited by our team.