(Adds that U.S. China Economic and Security Review Commission will investigate issue, comment from security expert)
By Jane Lanhee Lee and Paresh Dave
SAN FRANCISCO, Nov 13 (Reuters) - Nigeria’s Main One Cable Co took responsibility on Tuesday for a glitch that temporarily caused some Google global traffic to be misrouted through China, saying it accidentally caused the problem during a network upgrade.
The issue surfaced on Monday afternoon as internet monitoring firms ThousandEyes and BGPmon said some traffic to Alphabet Inc’s Google had been routed through China and Russia, raising concerns that the communications had been intentionally hijacked.
Main One said in an email that it had caused a 74-minute glitch by misconfiguring a border gateway protocol filter used to route traffic across the internet. That resulted in some Google traffic being sent through Main One partner China Telecom, the West African firm said.
Google has said little about the matter. It acknowledged the problem on Monday in a post on its website that said it was investigating the glitch and said it believed the problem originated outside the company. The company did not say how many users were affected or identify specific customers.
Google representatives could not be reached on Tuesday to comment on Main One’s statement.
Even though Main One said it was to blame, some security experts said the incident highlighted concerns about the potential for hackers to conduct espionage or disrupt communications by exploiting known vulnerabilities in the way traffic is routed over the internet.
The U.S. China Economic and Security Review Commission, a Washington-based group that advises the U.S. Congress on security issues, plans to look into the issue, said Commissioner Michael Wessel.
“We will work to gain more facts about what has happened recently and look at what legal tools or legislation or law enforcement activities can help address this problem,” Wessel said.
Glitches in border gateway protocol filters have caused multiple outages to date, including cases where traffic from U.S. internet and financial services firms was routed through Russia, China and Belarus.
Yuval Shavitt, a network security researcher at Tel Aviv University, said it was possible that Monday’s issue was not an accident.
“You can always claim that this is some kind of configuration error,” said Shavitt, who last month co-authored a paper alleging that the Chinese government had conducted a series of internet hijacks.
Main One, which describes itself as a leading provider of telecom and network services for businesses in West Africa, said that it had investigated the matter and implemented new processes to prevent it from happening again. (Reporting by Jane Lanhee Lee and Paresh Dave in San Francisco Editing by Jim Finkle, Tom Brown and Frances Kerry)