Skip to main content

Google traffic misdirected to China & Russia today, resulted in downtime for some services

Some Google users this afternoon reported that services, like YouTube, were slow or could not be accessed. The cause of this issue was company traffic being misdirected through ISPs in China, Nigeria, and Russia. Google is investigating the issue, but commented that there is no reason to believe this was an attack, with data encrypted for security

Reports of slowdowns and unavailability began at 1:12PM PST, according to the Google Cloud Status Dashboard that monitors uptime for the enterprise service. However, consumer apps like YouTube were also affected with users encountering slowdowns and reliant third-party services seeing other disruptions. G Suite applications like Gmail and Google Drive were not impacted, according to another dashboard.

The incident ended over an hour later at 2:35PM, with Google at 3:01PM describing the issue as “Google Cloud IP addresses being erroneously advertised by internet service providers other than Google”.

Throughout the duration of this issue Google services were operating as expected and we believe the root cause of the issue was external to Google. We will conduct an internal investigation of this issue and make appropriate improvements to our systems to help prevent or minimize future recurrence.

According to ThousandEyes, “traffic to certain Google destinations appears to be routed through an ISP in Russia & black-holed at a China Telecom gateway router.” China Telecom, Nigerian-provider MainOne, and Russian network operator TransTelekom were named by the security firm.

Google told the Wall Street Journal that no data was compromised with encryption preventing any exploit. Meanwhile, the company currently has no reason to believe that the incident was malicious.

Besides technical errors due to a misconfigured system, the WSJ raises the possibility that a malicious party might have tried to intercept the data.

If they have access to a large enough network operator, hackers can alter network maps stored on core internet routers through a system known as border gateway protocol, or BGP. Using BGP flaws to reroute data could let a hacker steal information, eavesdrop on traffic or send information into cyber oblivion, security researchers say.

Google is conducting an internal investigation into the incident.


Check out 9to5Google on YouTube for more news:

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Abner Li Abner Li

Editor-in-chief. Interested in the minutiae of Google and Alphabet. Tips/talk: abner@9to5g.com