But the routers do not verify that the route “announcements,” as they are called, are correct. Mistakes in entering the information — or worse yet, a malicious attack — can cause a network to become unavailable.
It can also cause, for example, a company’s Internet traffic to be circuitously routed through another network it does not need to go through, opening the possibility the traffic could be intercepted. The attack is known as “route hijacking,” and can’t be stopped by any security product.
In March 2011, a researcher noticed that traffic destined for Facebook on AT&T’s network strangely went through China for a while. While the requests would normally go directly to Facebook’s network provider, the traffic first went through China Telecom and then to SK Broadband in South Korea before routing to Facebook. Although the incident was characterized as a mistake, it would have been possible for unencrypted Facebook traffic to have been spied on.