Unfortunately, it seems a lot of others may have missed it as well. Here’s what went down: On Nov. 12, at approximately 1:00 PM to 2:23 PM PST, Google Cloud’s internet traffic was disrupted, causing a good portion of UK, France, Canada, and US web traffic to get rerouted through ISPs in Nigeria, Russia, and China. Much of the traffic was sent through China Telecom, where it hit the Great Firewall of China, which heavily restricts internet access to a wide range of websites. Because of this, people trying to use Google G Suite and Google Search incurred a massive denial of service, which resulted in wide-scale problems, and even Spotify experienced an outage. Perhaps more importantly, the rerouting put valuable Google web traffic directly into the lap of ISPs located in two countries known for their invasive surveillance and internet restriction, China and Russia. The network security company ThousandEyes determined that the main issue came down to an accidental leak from the Border Gateway Protocol (BGP) to Nigerian-based ISP MainOne and China Telecom. BGP is the routing protocol used to route traffic across the entire internet, most often by facilitating a peer connection between an ISP and another supposedly secured network. Incorrect routing instructions can cause traffic to be sent to the wrong destination altogether, or make incorrect stops along the way. Inconvenient and annoying for everyone affected, but the event is much more than just a frustrating hour or so for Google users — it’s another indictment of the continued need to secure your internet connection at all times, regardless of where you are.
Why it Matters
For a company the size of Google, this incident was unprecedented. Google was quick to maintain that their traffic is almost entirely encrypted — and the leak does appear to be an accident — but there were still signs of BGP-hacking. In this case, it seems that Russia and China had their network operators set up to receive rogue traffic, which means anytime something like this happens, they will get most of the traffic, instead of where it was supposed to be routed. The incident was problematic as the Chinese and Russian governments are ruthless when it comes to recording online activity and data.
Not the First Time — or Last
BGP-related incidents are nothing new. In 2003, a large-scale hijacking resulted in huge amounts of data being redirected through routers in Belarus and Iceland, before reaching their intended destination. In 2008 the Pakistani government used BGP to censor YouTube within the country by routing traffic to a dead end but temporarily blocked traffic entirely instead. More recently, there have been BGP hijacks involving cryptocurrency, and a 2017 BGP route leak that disabled several e-commerce and finance websites. In some ways, Russia, China, and other similar countries are merely exploiting a very generous BGP system that is outdated, and far too reliant on trust.
So, for the foreseeable future, and whether you like it or not, you are responsible for your online security regarding your internet connection. The best way to do this is by using a VPN.
Why You Need a VPN
Connecting via a VPN can fully shield your IP address, and effectively conceal your online activity, including your web browsing, downloads, emails, and more. This way, you are protected against hacking, and it prevents governments, or any one else, from monitoring your data. A VPN provides security that you’re in control of, regardless of what happens with large networks like Google’s. Even if your web traffic gets bounced around during BGP leaks or similar problems, it’s still secure and anonymous. VPNs provide some other added benefits as well, like the ability to spoof your IP location, making websites and streaming platforms think you’re somewhere that you’re not. Geo-spoofing can unblock specific streaming content like movies and sports, and even give you better prices on travel booking sites. Simply put, a VPN gives you reliable security and protection for all of your internet activity, even when outside companies can’t. Overhauls to internet infrastructure and outdated protocols are still years away, and will still not be able to ensure the total security needed in today’s landscape. Anyone who truly wishes to secure their online data and protect their anonymity should begin using a VPN immediately and never look back.