Google on Monday suffered interruption of services due to a configuration error made by an internet service provider in Nigeria during a network upgrade that resulted in traffic being rerouted to China and Russia.
TheNewsGuru (TNG) reports MainOne, a major internet service provider, confirmed the development, but said “we are not aware that any Google services were compromised as a result”.
“In the early hours of Tuesday, MainOne experienced a technical glitch during a planned network upgrade and access to some Google services was impacted. The error was accidental on our part; we are not aware that any Google services were compromised as a result. We promptly corrected the situation at our end and are doing all that is necessary to ensure it doesn’t happen again,” the ISP said.
Prior to MainOne’s explanation, there have been speculations that Monday’s 74-minute data reroute to China and Russia might have been intentional, in what has been described as data hijacking.
According to experts’ analyses, the type of traffic misdirection involved can knock essential services offline and facilitate espionage and financial theft. They can also be used to block access to information by sending data requests into internet black holes. Experts say China, in particular, has systematically hijacked and diverted U.S. internet traffic.
However, according to MainOne’s spokesman, Tayo Ashiru, the problem was as a resulted of human error, saying “Everyone is pretty confident that nothing untoward took place”.
He said engineers mistakenly forwarded to China Telecom addresses for Google services that were supposed to be local. The Chinese company, in turn, sent along the bad data to Russia’s TransTelecom, a major internet presence.
Ashiru said MainOne did not yet understand why China Telecom did that, as the state-run company normally doesn’t allow Google traffic on its network.
Explaining why the traffic rerouting resulted in disruption of Google services, Alex Henthorn-Iwane, an executive at the network-intelligence company, ThousandEyes, said the traffic diversion into China created a detour with a dead end, preventing users from accessing the affected Google services.
He said Monday’s incident offered yet another lesson in the internet’s susceptibility to “unpredictable and destabilizing events. If this could happen to a company with the scale and resources available that Google has, realize it could happen to anyone.”
The diversion, known as border gateway protocol route hijacking, is built into the internet, which was designed for collaboration by trusted parties – not competition by hostile nation-states. Experts say it is fixable but that would require investments in encrypted routers that the industry has resisted.
ThousandEyes said the diversion at minimum made Google’s search and business collaboration tools difficult or impossible to reach and “put valuable Google traffic in the hands of ISPs in countries with a long history of Internet surveillance.”
Most network traffic to Google services – 94 percent as of Oct. 27 – is encrypted, which shields it from prying eyes even if diverted. But work was interrupted on services like G-Suite, which Google CEO Sundar Pichai in February said had more than 4 million businesses as customers. G-Suite and Google Cloud combined generate about $4 billion in revenue each year.
Google did not quantify the disruption other than to say in a statement that “access to some Google services was impacted.”
The internet giant also said it had no reason to believe the traffic hijacking was malicious.
Google Search, cloud hosting, and G-Suite collaborative business tools were among services disrupted.