• Chinese government accused of playing ‘man in the middle’
• Vast amounts of data ‘misdirected’ via BGP protocol
• China Telecom says it’s innocent of all charges

Earlier this month a paper published by the US Naval War College revealed what it claims was a  “Hidden Story of China Telecom's BGP Hijacking." (BGP is the ‘ Border Gateway Protocol’ which handles routing between autonomous systems on the Internet). Basically the paper accused the Chinese government - in league with China Telecom - of manipulating BGP routing in order to intercept internet traffic travelling from one place to another across the US and divert it to China where it could be ‘deep inspected’ and potentially deciphered.

Ars Technica rounds up the evidence that China Telecom misdirected big chunks of Internet traffic through a roundabout path between various providers’ backbones in the US for two and a half years.

However, according to Ars it remains unclear if the highly circuitous paths were intentional hijackings of the Internet’s Border Gateway Protocol or were caused by accidental mishandling.

Ars makes the point that the BGP has fragility issues and it itemises other (non-Chinese) examples of ‘BGP hijacking’ which often formed part of some complex hacking caper with criminals getting away with millions of dollars in the process. The implication is that whatever the motivation behind the China Telecom misdirection, it’s likely that a rethink of the BGP or the way it is used, is required.

China Telecom, of course, vociferously denies any wrongdoing below

22 Nov 2018

Recently, a number of media reports claimed that China Telecom "hijacked overseas Internet data traffic". The content of these reports was lack of factual evidence. The conclusion was ungrounded. Also, it did not match with the current status and technical principles of global Internet operation.

Some media further reported that "certain overseas Internet traffic which should be directed to Google addresses was being re-routed to China Telecom". In response to these reports, China Telecom promptly commenced a serious and thorough investigation by a task force of network technicians. It was found that the re-routing of Google data traffic stemmed from erroneous routing configuration by a Nigerian operator MainOne Cable on 13 November (Beijing time), causing the Google data traffic, which was originally directed by MainOne Cable, to be mistakenly sent to China Telecom. Following relevant protocols, China Telecom forwarded the data traffic to MainOne Cable, resulting in severe congestion as the traffic volume far exceeded the interconnecting bandwidth between China Telecom and MainOne Cable (please refer to the traffic diagram below). The fault, which lasted for 1 hour 20 minutes, was remedied after MainOne Cable corrected the configuration. China Telecom bore no relation to this incident.

Traffic diagram between MainOne Cable and China Telecom on 13 November

Internet data routing through other operators is a common practice in global Internet operation. Data routing is not hijacking, but a result of overall balancing between economy and connectivity. In reality, it is common to have certain data traffic from Asia to the US routing through Japan, or data traffic from Australia to China routing through Americas. The operation of China Telecom’s international Internet business is in accordance with laws, and it is normal for Americas or Europe data traffic to route through China Telecom’s international network. The claim that China Telecom conducted "data traffic hijacking" was an unfounded and groundless speculation.

Internet is built on the ideas of openness and mutual trust. Over the years, operators from different countries have been working together for the healthy and orderly development of global Internet, offering positive contribution to the informatization of global society and economy. Abiding by international standards and protocols, China Telecom always insists on compliance business and network operation and optimizes network and operation according to the best Internet practice. The Company will continue to work with global operators as always to create a secure and stable global Internet environment.