Internet
traffic from several U.S.
government agency sites was briefly diverted through servers in China in April,
congressional investigators reported Wednesday.
For 18
minutes, about 15 percent of all web traffic was redirected through China,
including traffic to and from the sites of the U.S. Army, Navy, Marine Corps,
Air Force, the office of the Secretary of Defense, the Senate and NASA,
according to a report delivered to Congress by the U.S.-China Economic and
Security Review Commission.
Investigators
say the web traffic was diverted by China Telecom, a state-owned enterprise.
They do
not know whether the diversion was intentional, whether the government of China played
any role, or whether any sensitive data was compromised.
The
report says that the irregular routing could have allowed the surveillance of
users or sites, the disruption or diversion of communications and the
compromising of supposedly secure encrypted sessions.
Cyber warfare,
corporate espionage
Pentagon
spokeswoman Lt. Col. April Cunningham said the Defense Department “is
concerned about any Internet traffic being intentionally rerouted outside of
the usual operations.” But, she said, “the security of Department of
Defense information is not affected by misdirection of internet traffic.”
The Pentagon had no information to confirm whether the incident occurred, she
said.
The
Pentagon is in the process of establishing procedures “to address any
potential current and future vulnerability,” Cunningham told CNN.
Larry
Wortzel, a member of the commission, said that given access to a stream of
military traffic for 18 minutes, it might be possible “with really good
computers” to get “a little information.”
But
another risk, he said, was that it could create an opening for spyware
infiltration. “If you were a pretty knowledgeable intelligence service,
you would get the internet addresses of everybody that communicated. And then
you could essentially engineer a fake e-mail,” he said, “and if
someone opened an attachment, you would then insert a virus into the whole
system.”
The
report alleges that the diversion was caused when China Telecom briefly offered
a false electronic notification to internet traffic on the web, causing some
traffic to mistakenly conclude that the quickest way to reach its destination
was to travel through the company’s servers in China.
Related Videos
