Google, Level 3 DNS services hijacked in Turkey
Turkey's campaign to restrict access to YouTube, Twitter and other websites continues
IDG News Service - Google said its free DNS (Domain Name System) service is being intercepted by most Turkish ISPs as the country battles users trying to circumvent censorship efforts by the government.
Also, an Internet monitoring firm said Sunday the DNS service from major communications company Level 3 had also been hijacked.
Turkey's government, embroiled in a corruption scandal, began clamping down on the Internet on March 21 by blocking access to Twitter. The government claimed Twitter violated the country's privacy laws.
YouTube was then blocked last Thursday for national security reasons. A conversation was published allegedly between Turkey's foreign minister, intelligence chief and a senior member of the armed forces concerning militants in neighboring Syria.
Both actions were taken just ahead of nationwide municipal elections held on Sunday.
Turkish ISPs have set up servers that "masquerade" as Google's DNS service, wrote Steven Carstensen, a Google software engineer.
"We have received several credible reports and confirmed with our own research that Google's Domain Name System (DNS) service has been intercepted by most Turkish ISPs," Carstensen wrote.
Internet users who don't want to rely on their ISP's DNS services can use Google's Public DNS. DNS servers translate domain names into IP addresses that can be called into a Web browser. Turkish Internet users turned to Google's Public DNS after the government imposed restrictions on the country's ISPs.
Internet monitoring firm Renesys said Sunday major internet provider Level 3's DNS service was also hijacked.
Turkish's national telecom provider, TurkTelekom, hijacked the DNS servers of both companies using the Border Gateway Protocol (BGP). Organizations and companies that run networks "announce" BGP routing, which is public information used in networking equipment to route traffic.
Occasionally, an organization will mistake and broadcast incorrect BGP information, inadvertently hijacking the traffic belonging to another network. But as in the cases of Google and Level 3, BGP changes can also be malicious.
People who try to use Google or Level 3 DNS services are "surreptitiously" redirected to alternate providers within TurkTelekom, wrote Earl Zmijewski, a vice president and general manager for Renesys, on a company blog.
Send news tips and comments to firstname.lastname@example.org. Follow me on Twitter: @jeremy_kirk
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Platfora Big Data Analytics for Network Security Platfora amplifies the effectiveness of network security analysis, providing Big Data Analytics capability to augment existing security infrastructure for known threats, and advanced...
- Flying High on the Use of Red Hat Enterprise Linux Flybe was one of the 21 companies that were interviewed for quantitative results on their operations as part of an IDC ROI analysis....
- Data Protection eGuide In this eGuide, CSO and sister publications IDG News Service, Computerworld, and CIO pull together news, trend, and how-to articles about the increasingly...
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their... All Cyberwarfare White Papers | Webcasts