IP Hijacking Attack Targets Financial Institute in Tel Aviv
Banks, credit card companies, insurance companies, stock exchanges, stock brokers and other financial institutions around the world transmit and receive massive amounts of data over the Internet, some of it sensitive or confidential and not intended for prying eyes. It is not surprising that numerous interested groups take extensive measures to get their hands on this information.
Additionally, for companies that are active in the financial arena, the time it takes for information to arrive at its destination is crucial. Frequently, companies are contractually obligated to ensure that no customer gains an unfair advantage by receiving information before anyone else. If this happens, they face serious penalties, extortion and customer abandonment.
Traffic Intended for Tel Aviv is Hijacked to Mexico
On November 8th, 2016, BGProtect detected the hijacking of traffic sent from multiple cities in North America to an important financial institution in Israel. During normal operation, all traffic between these sites is routed through England or Germany directly to Tel Aviv. The normal routing of traffic from Ottawa is shown in Fig. 1. However, when the attack began, the traffic was diverted to Ciudad Juárez in Mexico before being routed to California and on to its intended destination via Germany, as can be seen in Fig. 2. Ciudad Juárez is well known for being under the control of local organized crime groups. In addition to the serious risk of exposure to damaging manipulation, all traffic suffered a significant delay before reaching its destination.
Fig. 1: Map Showing Normal Route Between Ottawa, Canada and Tel Aviv
Fig. 2: Map Showing Deflected Routing via Mexico
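One way to flag the kind of detour described above from the data plane, as an added example that is not BGProtect's method or code from the article. It assumes traceroute hops have already been geolocated to country codes; the hop data, RTTs, thresholds and function names are constructed for illustration.

```python
from statistics import median

# Assumption: each probe is a traceroute whose hops are (country_code, rtt_ms);
# (None, None) marks a hop that did not answer or could not be geolocated.
# Baseline from the article: Ottawa to Tel Aviv via England or Germany.
ALLOWED = {"CA", "GB", "DE", "IL"}

def countries(hops):
    """Ordered list of countries traversed, with consecutive repeats collapsed."""
    path = []
    for country, _rtt in hops:
        if country and (not path or path[-1] != country):
            path.append(country)
    return path

def check_probe(hops, baseline_rtt, rtt_factor=1.5):
    """Compare one probe with the baseline: off-baseline countries and added delay."""
    path = countries(hops)
    unexpected = sorted(set(path) - ALLOWED)
    # End-to-end RTT is taken from the last hop that answered.
    end_rtt = next(r for _c, r in reversed(hops) if r is not None)
    ratio = end_rtt / baseline_rtt
    return {"path": path, "unexpected": unexpected, "rtt_ratio": round(ratio, 2),
            "deviates": bool(unexpected) or ratio > rtt_factor}

def detect(probes, history_rtts, persist=3):
    """Index of the probe at which `persist` consecutive deviations were reached,
    else None. Persistence damps single-probe geolocation errors and
    load-balancing noise."""
    baseline = median(history_rtts)
    streak = 0
    for i, hops in enumerate(probes):
        streak = streak + 1 if check_probe(hops, baseline)["deviates"] else 0
        if streak >= persist:
            return i
    return None

# Constructed sample data (not measurements from the incident).
NORMAL = [("CA", 2.0), ("CA", 9.0), (None, None), ("GB", 88.0), ("IL", 150.0)]
DETOUR = [("CA", 2.0), ("MX", 70.0), ("US", 105.0), ("DE", 250.0), ("IL", 310.0)]
HISTORY = [148.0, 150.0, 152.0, 149.0, 151.0]

if __name__ == "__main__":
    print(check_probe(DETOUR, median(HISTORY)))
    print(detect([NORMAL, DETOUR, NORMAL, DETOUR, DETOUR, DETOUR], HISTORY))
```

Router geolocation is imprecise, so an alert on unexpected countries is a prompt to compare against BGP announcements for the destination prefix rather than proof of a hijack on its own.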