China has been in the crosshairs of Google and the US State Department recently thanks to the discovery that hackers had used extremely clever espionage techniques to get access to Google's networks (and those of at least 30 other major corporations). Infiltrating target networks is one thing. What about bringing out the big guns? BGP route announcements.
While resilient, the Internet suffers from a glaring vulnerability: the impact of spurious BGP route announcements. Anyone can issue instructions to the basic building blocks of the Internet, the backbone routers, that, if accepted, will seriously disrupt the function of the Internet. This was dramatically demonstrated in the mid-90s when a neophyte engineer at an ISP in Florida entered a new route in his routers that was picked up by his upstream provider and shared with the rest of the Internet. For most of a day anyone who attempted to go to AOL.com was routed to his network. This pretty much shut down the Internet in the Southeast US.
Similarly, Pakistan took YouTube off the Internet in early 2008, which led to Pakistan being taken off the Internet as well. Now we discover that in March one of China's ISPs leaked routes to one of the top-level domain name servers that is maintained within its borders. This had the globally minor, but real, impact of imposing China's censorship of Twitter, Facebook, etc. on those affected. (Inside China, people are redirected to other sites if they attempt to use these services.) For a complete description of this incident see the excellent report from the network watchdogs at Renesys.
The malicious announcement of BGP routes could temporarily and completely disrupt Internet traffic for any network, and could have spillover effects that take an entire country offline, as happened in the Pakistan-YouTube incident. Using BGP route announcements to cause damage is the most powerful cyber-weapon available. (In a blatant attempt to get Wired Magazine to froth at the mouth, let's call it a cyber-nuke attack.)
Yesterday, the folks at BGPMon, who monitor such things, discovered that IDC-China Telecom had leaked spurious route announcements for such popular sites as dell.com, cnn.com, www.amazon.de and www.rapidshare.com, causing them to be unreachable for some users.
Thousands of network routes were essentially hijacked yesterday by Chinese ISPs. Was this intentional? BGPMon speculates that it was an accident, which is reasonable since there are no documented cases of anyone ever issuing malicious route announcements. They are always user errors. But if one were to contemplate developing offensive cyber weapons, wouldn't you test them occasionally to see if they worked?
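The kind of check that BGPMon and Renesys run at scale can be illustrated in a few lines: keep a table of the origin AS that is entitled to announce each prefix, then flag any observed announcement whose origin disagrees, or which is a more-specific of a registered prefix announced by someone else (the more-specific wins in the routing table, which is why leaks like the ones above pull traffic away). The example below is added here and is not BGPMon's or Renesys's code; the ASNs, prefixes and the pipe-separated "update" lines are constructed sample data, and the registry table stands in for whatever source of truth a real monitor uses (IRR data, RPKI ROAs, or the operator's own records).

```python
import ipaddress
from dataclasses import dataclass

# Constructed "registry" of prefix -> set of origin ASNs allowed to announce it.
# ASNs are from the private range and prefixes from RFC 5737 documentation space.
EXPECTED_ORIGINS = {
    "203.0.113.0/24": {64500},
    "198.51.100.0/24": {64501},
}

# Constructed feed in a simple "prefix|as_path" form; the origin AS is the last
# element of the path, as in a real BGP UPDATE.
SAMPLE_UPDATES = """\
203.0.113.0/24|64496 64497 64500
203.0.113.0/25|64496 64499
198.51.100.0/24|64498 64502
192.0.2.0/24|64496 64503
"""


@dataclass
class Announcement:
    prefix: str
    as_path: list  # ASNs from the observing router outward; origin is last

    @property
    def origin(self):
        return self.as_path[-1]


def parse_updates(text):
    """Parse the constructed feed format into Announcement objects."""
    result = []
    for line in text.splitlines():
        if not line.strip():
            continue
        prefix, path = line.split("|", 1)
        result.append(Announcement(prefix.strip(), [int(a) for a in path.split()]))
    return result


def classify(ann, expected=EXPECTED_ORIGINS):
    """Return a verdict for one announcement.

    ok                   prefix registered, origin matches
    origin-hijack        prefix registered, origin does not match
    more-specific        covered by a registered prefix, origin matches
    more-specific-hijack covered by a registered prefix, origin does not match
    unknown              nothing in the registry covers this prefix
    """
    net = ipaddress.ip_network(ann.prefix, strict=False)
    if ann.prefix in expected:
        return "ok" if ann.origin in expected[ann.prefix] else "origin-hijack"
    for reg_prefix, origins in expected.items():
        reg = ipaddress.ip_network(reg_prefix)
        # A strictly longer prefix inside a registered block is the classic
        # hijack shape: routers prefer it over the legitimate, shorter route.
        if net.version == reg.version and net.subnet_of(reg) and net.prefixlen > reg.prefixlen:
            return "more-specific" if ann.origin in origins else "more-specific-hijack"
    return "unknown"


def scan(text, expected=EXPECTED_ORIGINS):
    """Classify every announcement in a feed; returns [(prefix, origin, verdict)]."""
    return [(a.prefix, a.origin, classify(a, expected)) for a in parse_updates(text)]


if __name__ == "__main__":
    for prefix, origin, verdict in scan(SAMPLE_UPDATES):
        print(f"{prefix:<18} origin AS{origin:<6} {verdict}")
```

Only the verdicts marked as a hijack would be worth alerting on; an "unknown" is simply a prefix the registry does not cover, and a legitimately delegated more-specific from the same origin is normal operational practice. A real monitor also has to tolerate AS-path prepending (the same ASN repeated) and multi-origin prefixes, which is why the table maps each prefix to a set of origins rather than a single one.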