The incident, known as “BGP hijacking,” refers to a technique in which the internet’s Border Gateway Protocol is exploited to change where network traffic travels.
According to cloud security company ThousandEyes, the issue lasted roughly two hours and caused internet traffic to go through numerous locations including Nigeria, Russia, and China.
The issue “caused a massive denial of service to G Suite and Google Search” and also “put valuable Google traffic in the hands of ISPs in countries with a long history of internet surveillance,” a blog post from ThousandEyes said.
Despite concerns over what appeared to be malicious behavior, Google responded by stating that it did not see any evidence that the hijacking was intentional.
The Nigerian ISP, MainOne, alleged that the issue was inadvertent and caused by a misconfiguration during a planned network upgrade.
“The error was corrected within 74 minutes and processes put in place to avoid reoccurrence,” MainOne said.
We have investigated the advertisement of @Google prefixes through one of our upstream partners. This was an error during a planned network upgrade due to a misconfiguration on our BGP filters. The error was corrected within 74mins & processes put in place to avoid reoccurrence
— MainOne (@Mainoneservice) November 13, 2018
Google also argued that the traffic, despite temporarily going through hostile countries, was protected due to widespread encryption.
A recent transparency report noted that 94 percent of traffic to Google services is encrypted.
Monday’s incident comes only months after the release of a study from the U.S. Naval War College and Tel Aviv University accusing China of regularly hijacking U.S. internet traffic.