On August 17, 2022, an attacker was able to steal approximately $235,000 in cryptocurrency by employing a BGP hijack against the Celer Bridge, a service which allows users to convert between cryptocurrencies. In this blog post, I discuss this and previous infrastructure attacks against cryptocurrency services. While these episodes revolve around the theft of cryptocurrency, the underlying attacks hold lessons for securing the BGP routing of any organization that conducts business on the internet.

There is a key difference between having more data and having more answers. That was the theme for Kentik at Networking Field Day 29.

Distributed denial-of-service (DDoS) attacks have been a continuous threat since the advent of the commercial internet. The struggle between security experts and DDoS protection is an asymmetrical war where $30 attacks can jeopardize millions of dollars for companies in downtime and breaches of contract. They can also be a smokescreen for something worse, such as the infiltration of malware.

Technologies like virtualization and containerization have gained significant traction over the last decade as foundational tools for modern application development. As companies like Amazon (AWS), Microsoft (Azure), and Google (Google Cloud) started to invest in the hardware and software infrastructure required to support access to these virtualized resources, “the cloud” was born.

Earlier this year, Job Snijders and I published an analysis that estimated the proportion of internet traffic destined for BGP routes with ROAs. The conclusion was that the majority of internet traffic goes to routes covered by ROAs and are thus eligible for the protection that RPKI ROV offers. However, ROAs alone are useless if only a few networks are rejecting invalid routes.

The objective of Network Operator Confidential is to share our global internet market insights from recent months. Kentik, and our customers, have access to views and analysis of global internet traffic that no one else can match. In our first Network Operator Confidential webinar, I was joined by Doug Madory, Kentik’s director of internet analysis, and Grant Kirkwood, founder and CTO at Unitas Global.

Kentik brings real-world business context to the telemetry we collect and the analytics we provide. That’s the overarching theme I got from Networking Field Day: Service Provider 2. As I watched and listened to each presentation, it was pretty obvious to me that Avi, Steve, Doug, and Nina, all technical powerhouses, were a little less focused on packets and a little more focused on how we can improve network operations and a service provider’s ability to make smart business decisions.

Since the beginning of June this year, internet connectivity in the Russian-held Ukrainian city of Kherson has been rerouted through Crimea, the peninsula in southern Ukraine that has been occupied by Russia since March 2014. As I explain in this blog post, the rerouting of internet service in Kherson appears to parallel what took place following the Russian annexation of the Crimean peninsula.

Recently we caught up with the Sumo Logic team to discuss network visibility and optimizing application stack views. We took a look at their API and found that it would be easiest to use the HTTP Ingest method to send in our metric data.

Beginning at 8:44 UTC (4:44am EDT) on July 8, 2022, Canadian telecommunications giant Rogers Communications suffered a catastrophic outage taking down nearly all services for its 11 million customers in what is arguably the largest internet outage in Canadian history. Internet services began to return after 15 hours of downtime and were still being restored throughout the following day.