YouTube breakdown could happen again

Share this article:
When officials in Pakistan blocked content from YouTube, it created two separate issues -- but neither one should have surprised anyone, a Gartner analyst said Wednesday.

“One issue is the actual blocking of content,” John Pescatore, vice president and research director at Gartner, told SCMagazineUS.com. “The other is that in doing so, it caused disruption to internet service.”

For two hours on Sunday, access to YouTube was interrupted around the globe. YouTube officials said they believe the outage was due to the Pakistan Telecommunication Authority's order to reroute traffic away from one particular YouTube URL.

The webpage in question was an anti-Islamic video trailer by Dutch politician Geert Wilders that Pakistani officials considered blasphemous. YouTube has since removed the video from its site. According to a company statement, the outage occurred when traffic was routed according to erroneous internet protocols, originating on a network in Pakistan.

While the Pakistan situation was widely covered because it caused YouTube to be unavailable for users worldwide, a government censoring internet content is not uncommon, Pescatore said.

“China does it,” he said. “Even in the United States, we block plenty of content.”

Even though visitors to the mailing list North American Network Operators Group (NAOG), an informal group of internet service providers, said the blocking underscores political issues infringing on both capitalism and security of the internet, Pescatore said he saw things in a different light.

“As the demand for internet access grows in other countries, it will cross into different cultures with different values,” he said. “In many Muslim countries, customers demand certain content be blocked before the internet is allowed in their homes. It isn't necessarily the government making these demands.”

Steve Bellovin, a professor of computer science at Columbia University in New York, said on his blog that he worries similar attacks may be launched by any group with knowledge of how to exploit an internet routing vulnerability.

"The added risk now is that the whole world has been told how easy it is to take networks off the air," he wrote. "I'm not particularly concerned about a national government doing this deliberately, e.g., to prevent any 'defamation' from being seen across the internet. That sort of thing is noticed and dealt with fairly expeditiously. I am worried about freelance attacks by hacktivists or simple mischief makers who have compromised ISP routers."

Pescatore added that the way Pakistan's telecom created a dummy route, which then created a series of errors that knocked out YouTube for all users, is a concern.

“It showed how easy it is to setup domain errors,” he said.  And it is likely that similar outages will happen in the future. What makes the internet so easy for people to use also makes it vulnerable for attacks.”

It is also important to remember, he added, that these interruptions to service happen all the time. “How many times have you gone to a website you know is working only to get a 404 error?” he asked.
Pescatore agreed with one point made by the NAOG users: The error highlighted the insecurity of Border Gateway Protocol (BGP) and the need for a more secure alternative, such as Secure Border Gateway Protocol (S-BGP). But don't expect a quick fix, he said.

“You can't change the infrastructure in mid-use,” Pescatore said. “I don't expect to see any changes in BGP for at least five years.”
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Company news: New hires at Accuvant, ZeroFox and ThreatStream

New hires at Accuvant, ZeroFOX and ThreatStream, while a divestiture at Juniper and an acquisition for BlackBerry.

News briefs: The latest on Sony, Android, Backoff malware and more.

News briefs: The latest on Sony, Android, Backoff ...

This month's news briefs cover a preliminary settlement Sony will bear for the exposure of 77 million customers, and more.

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.