Russia tried to hijack some of Apple's internet traffic for 12 hours

Posted:
in General Discussion
For a period of around 12 hours, Russia's Rostelecom tried repeatedly to route users of Apple services through own servers, even through countermeasures applied by Apple engineers.




Rostelecom is Russia's largest internet provider and for a period of just over 12 hours, it repeatedly tried to hijack traffic intended for Apple services. It can't be established whether this was a deliberate attempt or an internet configuration error, but Rostelecom made what are called false route announcements that could make internet connections to to its servers instead of Apple's.

MANRS, an organization that works "to reduce the most common routing threats," says that Russia did this periodically over July 26 and July 27.

Users never select specific routes to servers, they just attempt to access a service and the routing takes place behind the scenes. MANRS says that effectively, Rostelecom's servers claimed to be the route to a wide range of Apple services.

The organization's full post examines all publicly-available information about the attack and details some steps Apple must have taken to combat it.

Ultimately, what happened is that Rostelecom servers announced they were the route to a broad range of Apple services. But Apple then had its servers announce more specific routes.

"When the routes a network is announcing are not covered by valid Route Origin Authorization (ROA)," writes MANRS, "the only option during a route hijack is to announce more specific routes. This is exactly what Apple Engineering did today."

After around 12 hours, Rostelecom ceased sending the false routing announcements.

"We are not aware of any information yet from Apple that indicates what, if any, Apple services were affected," continues MANRS. "We also have not seen any information from Rostelecom about whether this was a configuration mistake or a deliberate action."

Through the period of time that the routing was under attack, Apple services had no downtime, nor a notable increase in complaints.

Read on AppleInsider
«1

Comments

  • Reply 1 of 23
    DAalsethDAalseth Posts: 2,979member
    Apple needs to sever all ties with Russia. Cut them off cold to updates, services, iCloud, AppleMusic, everything. Flip the switch without warning. You live in Russia your device is bricked and you are SOL. I know that Apple keeps talking about trying to protect their customers. It's too late for that. Until the general populace starts feeling the pain from Putin's war they won't put an end to it. Remember, that's what brought down the Tzar. The people get fed up with paying in blood and treasure for the Tzar's adventure in WWI. It's time for another revolution and Apple needs to step up and do their part.
    edited July 2022 iOS_Guy80p-dogtmayITGUYINSDdrdavidjony0baconstangjas99lordjohnwhorfinwatto_cobra
  • Reply 2 of 23
    cincyteecincytee Posts: 419member
    Remember, that's what brought down the Tsar. The people get fed up with paying in blood and treasure for the Tsar's adventure in WWI.

    The people got fed up with paying in blood and treasure and losing on top of it. Important distinction that may also come to apply to Putin and Ukraine.
    sconosciutojony0baconstangjas99Alex1Nlordjohnwhorfinwatto_cobra
  • Reply 3 of 23
    DAalseth said:
    Apple needs to sever all ties with Russia. Cut them off cold to updates, services, iCloud, AppleMusic, everything. Flip the switch without warning. You live in Russia your device is bricked and you are SOL. I know that Apple keeps talking about trying to protect their customers. It's too late for that. Until the general populace starts feeling the pain from Putin's war they won't put an end to it. Remember, that's what brought down the Tzar. The people get fed up with paying in blood and treasure for the Tzar's adventure in WWI. It's time for another revolution and Apple needs to step up and do their part.
    I don’t think Apple should be doing business in Russia either, but you’re living in fantasy land if you think that “the general populace” will have anything to do with Putin’s exit.
    sconosciutothtjony0Alex1Nwatto_cobra
  • Reply 4 of 23
    boboliciousbobolicious Posts: 1,168member
    ... is this a good reminder of the potential vulnerability of (especially large, high value) cloud services with so many potential attack vectors ...?

    ... is it the opposite of the concept of the internet in terms of communication reliability of multiple web connections ...?

    The Kremlin apparently went low tech: www.cnet.com/culture/kremlin-finds-way-to-avoid-leaks-typewriters/
    edited July 2022 sconosciuto9secondkox2jony0Alex1Nwatto_cobra
  • Reply 5 of 23
    red oakred oak Posts: 1,104member
    The ORCs, randomly banging away again on their keyboards 

    watto_cobra
  • Reply 6 of 23
    I don’t think Apple should be doing business in Russia either, but you’re living in fantasy land if you think that “the general populace” will have anything to do with Putin’s exit.
    Anything that will increase the level of discontent in Russia will help put an end to Putin and his cohorts.

    Having that crowd deposed is the only hope for a future peaceful Europe.
    jony0baconstangwatto_cobra
  • Reply 7 of 23
    See Kamil Galeev's Twitter feed for a well-informed view of what's happening in Russia from an academic. Not saying he's right about everything but he makes very good points. https://mobile.twitter.com/kamilkazani/status/1498377757536968711

    There's not ever going to be a popular uprising against Putin. That's just not how things work in Russia. For one, the deaths are disproportionately low in Moscow and St. Petersburg, the two main population centers and of course Moscow is the seat of power. That's not at all a coincidence. Putin is perfectly happy to sacrifice the lives of young men in distant areas of the vast Russian territory. Their families are too far from Moscow to do anything about it, and for decades Russians have had any notion of asserting themselves ground the fuck out of them. First by the Soviet regime, and now by Putin's government. (If anything, Russia is more dangerous than the USSR because at least the Soviet Union wasn't a one-man show.)

    Cincytee nailed it. If Putin is ever brought down, it's because he's losing. I was talking to somebody last night who was worried about Putin and his nukes. I told him, look buddy: Putin is aggressive but it's calculated aggression. He's not going to invade NATO territory, we've already proven in Ukraine that NATO weaponry in capable hands can defeat Russia on the battlefield. Actually taking on NATO forces - with their superior training and strategy and tactics and morale - would be disastrous for Russia and for Putin himself.


    Putin is not suicidal but if he ever came to the point that he was thinking of lobbing a nuke or two in order to avoid definitively losing in Ukraine, I'm certain that he would be removed by others who don't share his death wish.
    edited July 2022 drdavidfreeassociate2jony0baconstangAlex1Nfastasleepwatto_cobraJohel
  • Reply 8 of 23
    ITGUYINSDITGUYINSD Posts: 536member
    DAalseth said:
    Apple needs to sever all ties with Russia. Cut them off cold to updates, services, iCloud, AppleMusic, everything. Flip the switch without warning. You live in Russia your device is bricked and you are SOL. I know that Apple keeps talking about trying to protect their customers. It's too late for that. Until the general populace starts feeling the pain from Putin's war they won't put an end to it. Remember, that's what brought down the Tzar. The people get fed up with paying in blood and treasure for the Tzar's adventure in WWI. It's time for another revolution and Apple needs to step up and do their part.
    I don’t think Apple should be doing business in Russia either, but you’re living in fantasy land if you think that “the general populace” will have anything to do with Putin’s exit.
    Depends.  Does Putin rock the latest iPhone 13 or does he pack an Android?  With the former, a complete shutdown might get his attention.
    watto_cobra
  • Reply 9 of 23
    genovellegenovelle Posts: 1,481member
    Bricking public phones actually would help Putin’s cause. iMessage and FaceTime are a few of the ways left to get outside info into Russia’s media bubble. All independent media has been forced out and the internet is on information lockdown. 
    MrBunsidejony0Alex1Nwatto_cobra
  • Reply 10 of 23
    9secondkox29secondkox2 Posts: 3,039member
    Very serious and calculated move by Russia. 
    Also finding vulnerabilities in the routing infrastructure. 

    Russias war isn’t going to stop with Ukraine. That’s a strategic move to gain a massive nuclear power plant while advancing its dominance agenda. They e already threatened their own surrounding countries as well as the USA. And China is right behind with its unprecedented disrespect and threatening of the USA as it seeks to devour one of the most prolific product economies in Taiwan prior to its 2049 buildup goal. 

    Though Apple was vigilant, there is no doubt that some data was stolen. You have to wonder what kind of blackmail is planned for any incriminating info discovered, especially where apple using politicians, media, and big tech folks are concerned. 

     
    watto_cobra
  • Reply 11 of 23
    mac_dogmac_dog Posts: 1,083member
    DAalseth said:
    Apple needs to sever all ties with Russia. Cut them off cold to updates, services, iCloud, AppleMusic, everything. Flip the switch without warning. You live in Russia your device is bricked and you are SOL. I know that Apple keeps talking about trying to protect their customers. It's too late for that. Until the general populace starts feeling the pain from Putin's war they won't put an end to it. Remember, that's what brought down the Tzar. The people get fed up with paying in blood and treasure for the Tzar's adventure in WWI. It's time for another revolution and Apple needs to step up and do their part.
    Agreed. One of the reasons society is so fucked up is that there is no accountability for anything. And it starts at the top (yet everyone else [with the exception of white males] is expected to fall in line. And, in this particular case, the reason apple doesn’t cut ties is bcoz of the almighty dollar. Period. 
    drdavid
  • Reply 12 of 23
    Less ignorance, more facts.
    DAalseth said:
    Apple needs to sever all ties with Russia. Cut them off cold to updates, services, iCloud, AppleMusic, everything. Flip the switch without warning. You live in Russia your device is bricked and you are SOL. I know that Apple keeps talking about trying to protect their customers. It's too late for that. Until the general populace starts feeling the pain from Putin's war they won't put an end to it. Remember, that's what brought down the Tzar. The people get fed up with paying in blood and treasure for the Tzar's adventure in WWI. It's time for another revolution and Apple needs to step up and do their part.
    This would have zero impact on the situation described in the article. Had they already done so, nothing would have changed. Rostelecom could still have announced Apple's route(s) - which is an entire /8!!! - and everything would have played out exactly the same way.
    ... is this a good reminder of the potential vulnerability of (especially large, high value) cloud services with so many potential attack vectors ...?

    ... is it the opposite of the concept of the internet in terms of communication reliability of multiple web connections ...?
    No, to both questions. This has nothing to do with attacks on cloud services. It's fundamental to all traffic on the internet. And the problem is exactly the multiple possible connections, in that the lack of a central authority for the net means there's no single source of truth for who is allowed to announce which routes. There has been an answer to that problem for over two decades, but it's not used everywhere, much to everyone's detriment. See http://irr.net, or google "radb". If the entire world used and enforced registration of routes in a route database like the RADB, this attack could not have any effect outside of Rostelecom's own customers.
    Very serious and calculated move by Russia. 
    Also finding vulnerabilities in the routing infrastructure. 

    Russias war isn’t going to stop with Ukraine. That’s a strategic move to gain a massive nuclear power plant while advancing its dominance agenda. They e already threatened their own surrounding countries as well as the USA. And China is right behind with its unprecedented disrespect and threatening of the USA as it seeks to devour one of the most prolific product economies in Taiwan prior to its 2049 buildup goal. 

    Though Apple was vigilant, there is no doubt that some data was stolen. You have to wonder what kind of blackmail is planned for any incriminating info discovered, especially where apple using politicians, media, and big tech folks are concerned.
    This is extra ignorant. Just stop.
    1) This isn't a "vulnerability in the routing infrastructure". It is, unfortunately, a designed-in feature. It will continue to be the case until use of route databases is universally enforced.
    2) I have a LOT of doubt that any user data was stolen. In fact it's virtually certain that no data was stolen, as all of it was likely encrypted, though they certainly would be able to capture some metadata - for example, who was connecting to Apple services, and when. The scenario you envision is not the problem. It is conceivable that the metadata alone could matter in a specific case involving a high-value target, however. That's a reasonably plausible explanation for the whole event, in fact, though we'll likely never know.
    3) Off topic, but the notion that Russia invaded Ukraine just to get control of one aging nuclear plant is ludicrous.
    jony0ransonbaconstangAlex1Ny2anfastasleepMac4macwatto_cobra
  • Reply 13 of 23
    netroxnetrox Posts: 1,486member
    This is why Russia cannot be trusted for freedom of economics. 
    watto_cobra
  • Reply 14 of 23
    DAalsethDAalseth Posts: 2,979member
    3) Off topic, but the notion that Russia invaded Ukraine just to get control of one aging nuclear plant is ludicrous.
    I would agree with that. Russia has wanted warm water ports for centuries. They grabbed Crimea, but that’s just a start. They have their eyes on Odessa, and then further south. 
    baconstangwatto_cobra
  • Reply 15 of 23
    danoxdanox Posts: 3,299member
    See Kamil Galeev's Twitter feed for a well-informed view of what's happening in Russia from an academic. Not saying he's right about everything but he makes very good points. https://mobile.twitter.com/kamilkazani/status/1498377757536968711

    There's not ever going to be a popular uprising against Putin. That's just not how things work in Russia. For one, the deaths are disproportionately low in Moscow and St. Petersburg, the two main population centers and of course Moscow is the seat of power. That's not at all a coincidence. Putin is perfectly happy to sacrifice the lives of young men in distant areas of the vast Russian territory. Their families are too far from Moscow to do anything about it, and for decades Russians have had any notion of asserting themselves ground the fuck out of them. First by the Soviet regime, and now by Putin's government. (If anything, Russia is more dangerous than the USSR because at least the Soviet Union wasn't a one-man show.)

    Cincytee nailed it. If Putin is ever brought down, it's because he's losing. I was talking to somebody last night who was worried about Putin and his nukes. I told him, look buddy: Putin is aggressive but it's calculated aggression. He's not going to invade NATO territory, we've already proven in Ukraine that NATO weaponry in capable hands can defeat Russia on the battlefield. Actually taking on NATO forces - with their superior training and strategy and tactics and morale - would be disastrous for Russia and for Putin himself.


    Putin is not suicidal but if he ever came to the point that he was thinking of lobbing a nuke or two in order to avoid definitively losing in Ukraine, I'm certain that he would be removed by others who don't share his death wish.

    I hope the Ukraine can drag it out and make itself the biggest fattest Porcupine it can…..
    sconosciutobaconstangAlex1Nwatto_cobra
  • Reply 16 of 23
    Re:  http://irr.net their cert being expired doesn’t inspire confidence…
    watto_cobra
  • Reply 17 of 23
    igorskyigorsky Posts: 774member
    DAalseth said:
    Apple needs to sever all ties with Russia. Cut them off cold to updates, services, iCloud, AppleMusic, everything. Flip the switch without warning. You live in Russia your device is bricked and you are SOL. I know that Apple keeps talking about trying to protect their customers. It's too late for that. Until the general populace starts feeling the pain from Putin's war they won't put an end to it. Remember, that's what brought down the Tzar. The people get fed up with paying in blood and treasure for the Tzar's adventure in WWI. It's time for another revolution and Apple needs to step up and do their part.
    I don’t think Apple should be doing business in Russia either, but you’re living in fantasy land if you think that “the general populace” will have anything to do with Putin’s exit.
    I agree but probably not for the reasons you think.  The general populace of Russia are more than happy to follow a strong-armed dictator; it's in their blood going back to the Kievan Rus.  In this regard they are really worse off than slaves, because at least slaves hope for freedom.
    edited July 2022 baconstangAlex1Nwatto_cobra
  • Reply 18 of 23
    DAalsethDAalseth Posts: 2,979member
    danox said:
    See Kamil Galeev's Twitter feed for a well-informed view of what's happening in Russia from an academic. Not saying he's right about everything but he makes very good points. https://mobile.twitter.com/kamilkazani/status/1498377757536968711

    There's not ever going to be a popular uprising against Putin. That's just not how things work in Russia. For one, the deaths are disproportionately low in Moscow and St. Petersburg, the two main population centers and of course Moscow is the seat of power. That's not at all a coincidence. Putin is perfectly happy to sacrifice the lives of young men in distant areas of the vast Russian territory. Their families are too far from Moscow to do anything about it, and for decades Russians have had any notion of asserting themselves ground the fuck out of them. First by the Soviet regime, and now by Putin's government. (If anything, Russia is more dangerous than the USSR because at least the Soviet Union wasn't a one-man show.)

    Cincytee nailed it. If Putin is ever brought down, it's because he's losing. I was talking to somebody last night who was worried about Putin and his nukes. I told him, look buddy: Putin is aggressive but it's calculated aggression. He's not going to invade NATO territory, we've already proven in Ukraine that NATO weaponry in capable hands can defeat Russia on the battlefield. Actually taking on NATO forces - with their superior training and strategy and tactics and morale - would be disastrous for Russia and for Putin himself.


    Putin is not suicidal but if he ever came to the point that he was thinking of lobbing a nuke or two in order to avoid definitively losing in Ukraine, I'm certain that he would be removed by others who don't share his death wish.

    I hope the Ukraine can drag it out and make itself the biggest fattest Porcupine it can…..
    While I don’t want war anywhere, it would be very good for NATO and the west if Ukraine bleeds the Russian army white. 
    baconstangAlex1Ncaladanian
  • Reply 19 of 23
    waveparticlewaveparticle Posts: 1,497member
    DAalseth said:
    3) Off topic, but the notion that Russia invaded Ukraine just to get control of one aging nuclear plant is ludicrous.
    I would agree with that. Russia has wanted warm water ports for centuries. They grabbed Crimea, but that’s just a start. They have their eyes on Odessa, and then further south. 
    Your history was taught by a sports teacher. USSR had Crimea before 1992. Then USSR was dismantled and Ukraine declared indolence. 
  • Reply 20 of 23
    DAalsethDAalseth Posts: 2,979member
    DAalseth said:
    3) Off topic, but the notion that Russia invaded Ukraine just to get control of one aging nuclear plant is ludicrous.
    I would agree with that. Russia has wanted warm water ports for centuries. They grabbed Crimea, but that’s just a start. They have their eyes on Odessa, and then further south. 
    Your history was taught by a sports teacher. USSR had Crimea before 1992. Then USSR was dismantled and Ukraine declared indolence. 
    Russia has been striving for warm water ports for centuries. The Crimean War in the late 1800s was about this. The Soviet annexation, and deliberate famine of the Ukrainian population was about getting this. The Soviets held onto them yes, but as soon as the USSR fell apart, they started working to regain them. This has been their goal for ages. I even remember reading analyses of the Soviet invasion of Afghanistan as partially because they hoped they could get a warm water port in the Indian Ocean.  It failed miserably. 

    So yes this has been a goal of the Russians for centuries. The seventy years when they had one, were just an interlude. And Putin’s goal is to reassert Russian influence, effectively to recreate the Soviet Union, ports and high seas navy included. In that he will fail. 
    tmaybaconstanggatorguyAlex1Nfastasleepwatto_cobra
Sign In or Register to comment.