Why Did China's Internet Traffic Get Misdirected to Wyoming?

What's This?

Google Street View image of Wyoming Corporate Services, a business location where three-quarters of China's Internet traffic was misdirected Tuesday.

Image: Google Street View

By Christina Warren2014-01-23 03:41:35 UTC

As much as three-quarters of China's more than 500 million Internet users experienced some sort of service outage Tuesday.

The outage itself isn't strange — it's where the traffic was redirected. According to the The New York Times , traffic from roughly 75% of China's various DNS servers were redirected to a business based in Cheyenne, Wyo.

At around 3:15 p.m. local time Tuesday, Internet traffic throughout China — including traffic to large sites such as Sina Weibo — began to be redirected to a DNS address for a server in Wyoming, GreatFire.org, a website that monitors web censorship in China, reported. The problem spread to other major sites, impacting a significant portion of all Internet traffic.

The DNS glitch was caught within 25 minutes, but because of how DNS caching works, many users were unable to access websites for up to eight hours.

So why was the traffic redirected? And why was Wyoming the target?

Much of the traffic was redirected to Sophidea Inc., which is one of hundreds of companies that counts its place of registration as a modest two-story building in Cheyenne, according to The Times.

Reuters profiled the entity that "houses" these various companies — Wyoming Corporate Services — and described it as a kind of "little Cayman Island on the Great Plains." Wyoming Corporate Services acts as a registered agent for these firms, and won't reveal much about what they do without a court order.

The reasons for the redirection are unclear. Some Chinese news sources say it was part of a cyberattack, but security experts think that it was more likely a human glitch with the Great Firewall of China.

Some of the redirected addresses are owned by a company called Dynamic Internet Technology, according to GreatFire.org. This company is famous for making a product called FreeGate, which helps Chinese users get around Internet restrictions enforced by the Great Firewall.

Because of the way the DNS poisoning took place, GreatFire.org surmises that Chinese authorities meant to stifle any traffic to and from the Wyoming IP address block (thereby preventing users from using it as a way to tunnel through and access content verboten by the Great Firewall). But instead, authorities wound up redirecting all outbound traffic to the block. Given how quickly the problem was solved, this seems most likely.

The reality is, we probably won't ever know why 500 million Internet users were directed to a small building in Wyoming. The Internet is a funny place.

Have something to add to this story? Share it in the comments.

Topics: china, Great Firewall of China, internet, US & World, World, wyoming