WASHINGTON (Reuters) - China Telecom sent incorrect routing information last April that resulted in Internet traffic to major corporate websites and U.S. military and government sites being sent through China for 18 minutes, according to a report by a congressional advisory group.
The incident was one of several discussed by the U.S.-China Economic and Security Review Commission. Reuters obtained a copy of the draft report, which will formally be released on Wednesday.
In the hijacking incident, the Web traffic, much of which originated in the United States and was directed toward U.S. corporate and government websites, should have gone the shortest available route and not through China.
Some of the traffic was headed to sites owned by the U.S. Senate, the office of the secretary of defense, NASA and the Commerce Department, the draft said.
The commission said it was unclear whether the hijacking was intentional or whether any data was collected or stopped, or if the massive amount of data affected concealed a targeted attack.
“Evidence related to this incident does not clearly indicate whether it was perpetrated intentionally and, if so, to what ends. However, computer security researchers have noted that the capability could enable severe malicious activities,” the report said.
In all, the report said that 28 percent of all targeted phishing emails, a type of scam, originate in China. “Anecdotal reports about the success of these activities continue to surface, some with compelling links to the Chinese government,” the report said.
The report also discussed the battle between Google and China, which began with Google announcing that it had been hacked and that it would no longer censor searches for Beijing. Eventually, Beijing took over the job of censorship and renewed Google’s license to work in China.
The hackers reportedly got Google’s source code, perhaps the most valuable computer code in the world. Cyber experts are watching Baidu, Google’s competition in China, to see if it improves suddenly. Sudden improvement would indicate that Baidu was using Google code.
Google was unusual in that it announced that it had been hacked. Failure to report attacks has been a source of frustration for the FBI.
The U.S.-China Economic and Security Review Commission, which wrote the report, was set up in 2000 to advise the U.S. Congress on the economic and national security implications of the U.S.-China relationship.
Editing by Lisa Shumaker
Our Standards: The Thomson Reuters Trust Principles.