Response: Targeted Internet Traffic Misdirection – Renesys

The report shows strong evidence that very specific prefixes were hijacked and diverted to countries where legal jurisdiction could be reasonably assumed to be weak. Renesys does not say which prefixes were hijacked but consider hijacking a corporate PI space and capturing a copy of all the email to & from a large company (email is largely unencrypted). Or capturing browsing traffic and analysing the web traffic with some sort of big data tool to look for signals on the company.

But there’s actually been a significant uptick this year in a completely different kind of attack, one that can be carried out by anybody, at a distance, using Internet route hijacking.

via The New Threat: Targeted Internet Traffic Misdirection – Renesys.

The NSA/Snowden revelations have highlighted the lack of security around email already but mass interception of email for a targeted corporate takes risk to a new level. Email admins are going to have some tough times ahead with implementing PKI on their infrastructure.

About Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at and on Twitter @etherealmind and Google Plus

You can contact Greg via the site contact page.

  • PatG

    I think email admins are going to have a tough time *trusting* PKI let alone implementing it!

Subscribe For Weekly Updates by Email

Get a Weekly Summary of Latest Articles and Posts to your Email Inbox Every Sunday

Thanks for signing up. Look for the email from MailChimp & make sure you confirm your email address. You may need to check your spam or gmail settings to be sure of receiving the email.

Note: You can unsubscribe at any time using the link at the bottom of every email.