Sprint, Windstream traffic routing errors hijacked other ISPs

Internet traffic routing errors made by US operators Sprint and Windstream on the same day underscore a long-known Internet weakness, posing both security and reliability issues.

Both of the errors involved Border Gateway Protocol (BGP), an aging but crucial protocol that is used by networking equipment to route traffic between different providers. Traffic routes are "announced" using BGP, and the changes are then taken up by routers around the world. But network providers frequently make erroneous announcements -- known as "route hijacking" -- which can shut off services, causing reliability issues or be used for certain kinds of cyberattacks. For about a day, Sprint made a BGP announcement that directed Internet traffic from an ISP in Macedonia through its own network, wrote Doug Madory, a senior analyst with Dyn's Renesys division, which monitors how global Internet traffic is routed. On the same day, Windstream commandeered traffic destined for Saudi Telecom, and then a day later for networks in Gaza and Iceland, besides three in China, Madory wrote.