In a shocking development, the world's biggest search engine Google fell victim to internet hijack causing almost a two-hour service disruption and possible data theft.
Internet security firm ThousandEyes, which is a client of Google service noticed that Google search and also related G Suite for enterprises were disrupted between 1:00 pm PST (2:30 am IST) and 2:23 pm PST (3:53 am IST).
"The outage not only affected G Suite but also Google Search as well as Google Analytics. What caught our attention was that traffic to Google was getting dropped at China Telecom. Why would traffic from a San Francisco office traversing to Google go all the way to China? We also noticed a Russian ISP in the traffic path, which definitely sparked some concerns," noted ThousandEyes on its blog post. Also, the search traffic was also diverted to Nigeria-based Internet Service Provider (ISP).
Experts are hinting that there might be involvement of state-sponsored cyber teams, as China Telecom, TransTelecom and ISP MainOne are all controlled by governments of China, Russia and Nigeria, respectively.
It is believed that the cybercriminals used Border Gate Protocol (BGR) hijack techniques for an illegitimate takeover of groups of IP addresses by corrupting Internet routing tables and apparently diverted the search and also interrupted business causing the denial of service responses on G Suite. This technique can be used for espionage and financial theft.
Also, ThousandEyes also noted that search traffic diversion was primarily propagated by business-grade transit providers and did not impact consumer ISP networks as much.
But, more serious things can happen in future if Google or any technology company don't act now to fix loopholes in internet security. Recent search diversion was just "a war-game experiment" The Washington Times quoted, Henthorn-Iwane, security expert, as saying.
Google has not made any official comment on the disruption of G Suite service, just yet.