Hacking at scale
Targeting a single machine or network is all well and good, but some people (or nation states) dream bigger.
On at least one occasion last year, great swathes of Internet traffic (belonging to high-profile companies like Facebook, Apple and Google) were rerouted through Russian networks. These kinds of Border Gateway Protocol (BGP) hijacks have long been warned about, since BGP was invented essentially as a band-aid and assumes that every network tells the truth. The internet is a network of networks, so-called Autonomous Systems, and each of these announces to its neighbours which address blocks (prefixes) it can reach. The system only works if everyone announces honestly and accurately, so traffic can be routed swiftly and efficiently; an AS that announces a prefix it doesn't own, or a more specific slice of someone else's prefix, will attract that traffic. Concrete defences have been slow to arrive and are far from universally deployed, and the BGPmon website (bgpmon.net) regularly reports anomalous route announcements. BGP is complicated, so many of these will be the result of human error, but a sinister story may lurk behind others.
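To make the idea of an "anomalous route announcement" concrete, here is an added example (it is not code from this article or from BGPmon) that checks a batch of BGP announcements against a table of route origin authorisations (ROAs), the mechanism by which a network can state which AS is allowed to originate its prefixes. The ROA table, the AS numbers and the announcements are all constructed for illustration (the prefixes come from the documentation ranges and the ASNs from the private range), so nothing here reflects real routing data.

```python
"""Route-origin validation over a batch of BGP announcements.

Added example, not the article's or BGPmon's code. The ROA table, the
ASNs and the announcements are constructed for illustration. The rules
applied are the usual origin-validation ones: an announcement is 'valid'
if some ROA covers the prefix, names the announcing origin AS and allows
the prefix length; 'invalid' if ROAs cover the prefix but none match;
'unknown' if no ROA covers it at all.
"""
import ipaddress
from dataclasses import dataclass
from typing import Sequence


@dataclass(frozen=True)
class Roa:
    """Route Origin Authorisation: a prefix, the AS allowed to originate it,
    and the longest prefix length that AS may announce from within it."""
    prefix: ipaddress.IPv4Network
    origin_as: int
    max_length: int


# Constructed ROA table (hypothetical; real ones are published by the RIRs).
ROAS = (
    Roa(ipaddress.ip_network("203.0.113.0/24"), 64500, 24),
    Roa(ipaddress.ip_network("198.51.100.0/22"), 64501, 24),
    Roa(ipaddress.ip_network("192.0.2.0/24"), 64502, 24),
)


def explain(prefix: str, as_path: Sequence[int], roas=ROAS):
    """Return (state, reason) for one announcement so an operator can triage."""
    net = ipaddress.ip_network(prefix)
    if not as_path:
        raise ValueError("empty AS path")
    origin = as_path[-1]  # the rightmost AS in the path is the claimed originator
    covering = [r for r in roas
                if r.prefix.version == net.version and net.subnet_of(r.prefix)]
    if not covering:
        return "unknown", "no ROA covers this prefix"
    for roa in covering:
        if roa.origin_as == origin and net.prefixlen <= roa.max_length:
            return "valid", f"ROA for {roa.prefix} authorises AS{origin}"
    # Nothing matched: work out which rule was broken for the report.
    allowed = sorted({r.origin_as for r in covering})
    if origin in allowed:
        longest = max(r.max_length for r in covering if r.origin_as == origin)
        return "invalid", (f"AS{origin} may not announce anything longer than "
                           f"/{longest} here (got /{net.prefixlen})")
    return "invalid", ("origin AS{} not authorised; expected one of {}".format(
        origin, ", ".join(f"AS{a}" for a in allowed)))


def validate_origin(prefix: str, as_path: Sequence[int], roas=ROAS) -> str:
    """Return just 'valid', 'invalid' or 'unknown' for one announcement."""
    return explain(prefix, as_path, roas)[0]


# Constructed announcements as (prefix, AS path); not real routing data.
ANNOUNCEMENTS = [
    ("203.0.113.0/24",    [64510, 64500]),  # legitimate
    ("203.0.113.0/24",    [64510, 64666]),  # origin hijack: wrong AS
    ("198.51.100.0/24",   [64510, 64501]),  # more specific, within max length
    ("198.51.100.0/25",   [64510, 64501]),  # too specific, even from the owner
    ("198.51.100.128/25", [64510, 64666]),  # more-specific hijack
    ("10.0.0.0/8",        [64510, 64777]),  # no ROA: nothing can be said
]


def triage(announcements=ANNOUNCEMENTS, roas=ROAS):
    """Return the announcements that deserve a closer look (state != valid)."""
    flagged = []
    for prefix, path in announcements:
        state, why = explain(prefix, path, roas)
        if state != "valid":
            flagged.append((prefix, path[-1], state, why))
    return flagged


if __name__ == "__main__":
    for prefix, origin, state, why in triage():
        print(f"{state:8} {prefix:20} AS{origin}: {why}")
```

The more-specific cases are the interesting ones: a /25 carved out of a legitimately announced /22 wins on longest-prefix match and silently draws the traffic, which is why the ROA's maximum length matters as much as its origin AS. Announcements that come back "unknown" are the weak spot of this check, since a prefix nobody has registered can still be hijacked without anything to compare against.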
In May 2018 it was discovered that malware dubbed VPNFilter had infected more than half a million home and small office routers. Analysis of the malware found it could get past firewalls, spy on traffic passing through the router and even brick the device (possibly to hamper any forensic analysis). It got in through known vulnerabilities that the hardware vendors and ISPs should really have patched, although users who never update their router's firmware must take some responsibility too. VPNFilter injects malicious content into web pages, and attempts to read HTTPS traffic by SSL stripping: downgrading a client's HTTPS connections to plain HTTP so that the compromised router can read and tamper with them. The combination of widespread infections like VPNFilter and large-scale BGP hijacking paints a chilling picture of how fragile the infrastructure we rely on really is.