For two hours Monday, internet traffic that was supposed to route through Google’s Cloud Platform instead found itself in quite unexpected places, including Russia and China. But while the haphazard routing invoked claims of traffic hijacking—a real threat, given that nation states could use the technique to spy on web users or censor services—the incident turned out to be a simple mistake with outsized impacts.
Google noted that almost all traffic to its services is encrypted, and wasn’t exposed during the incident no matter what. As traffic pinballed across ISPs, though, some observers, including the monitoring firm ThousandEyes, saw signs of malicious BGP hijacking—a technique that manipulates the web’s Border Gateway Protocol, which helps ISPs automatically collaborate to route traffic seamlessly across the web.
ThousandEyes saw Google traffic rerouting over the Russian ISP TransTelecom, to China Telecom, toward the Nigerian ISP Main One. “Russia, [...]