BGP Hijacking

History

2022: Ukraine uses BGP Hijacking against Russia

At the end of May 2022, it became known about the new principle that cyber attacks it began to apply Ukraine against Russia after the start of a special military operation. We are talking about BGP Hijacking technology, said the Vedomosti CEO and co-founder of the company. StormWall Ramil Hantimirov

BGP Hijacking is the capture of other people's IP addresses. With this type of attack, an attacker gains access to the victim's Internet connection and intercepts his traffic. This can lead to routing irregularities, increased latency, and complete unavailability of the resource.

Ukraine uses a new principle of cyber attacks against Russia

Although most providers do not accept such an announcement (route information), some have begun to accept it and distribute it further. As a result, out of half the locations, the bank's website was unavailable simply because it "faded," the packages were discarded, - said Ramil Khantimirov.

In addition, the founder and CEO of Qrator Labs, Alexander Lyamin, noted that blockages of the resources of various sanctioned companies using BGP Hijacking were observed in the first quarter of 2022. In particular, several Russian mobile operators suffered from the actions of the Ukrainian provider Lurenet. At the same time, the specialist noted that by the end of May 2022 there was no surge in the number of BGP interceptions.

StormWall reported that, in addition to BGP Hijacks, hackers use both standard public tools that are originally designed for testing and not for conducting attacks (Apache Benchmark (ab), GoldenEye) and specially developed utilities that are available for download and receive updates every week to improve the effectiveness of attacks. In both cases, the tools are free, only computing resources are needed, which in most cases the attackers already have.^[1]

Notes

Шаблон:Remarks