What is BGP Hijacking?
Earlier today, we received news of a ban on the messaging platform Telegram across India. Apple and Google were advised to delist the application from their respective stores in the region. These instructions came from MeitY (Ministry of Electronics and Information Technology) to mitigate any potential exam fraud ahead of the NEET re-examination. Jio, Airtel, and Vodafone Idea had already begun implementing this block as instructed.
Later in the evening, Telegram CEO Pavel Durov released a tweet making serious allegations that access to his messaging platform was sabotaged by the Indian conglomerate, Reliance, via a BGP hijacking technique. While Pavel attached an image to substantiate his claims, we do not yet have an official response from Reliance on this matter. India is one of the largest markets for Telegram.

Pavel is indirectly pinning this allegation on Meta via its stake in Reliance. Again, this is strictly his claim, and both Reliance and Meta have yet to respond.

As a publication focused on technology, we are not primarily concerned with the controversy surrounding this news. However, when I came across this story, I wanted to briefly introduce the topical matter before diving into the actual subject of this post: BGP Hijacking.
BGP is the central pillar that holds the global internet together. The internet is a massive framework containing thousands of smaller, independent entities and networks, and BGP is the protocol these networks use to communicate with each other. Technically, BGP decides where data goes; it is the navigation system that powers the internet.
In networking terms, BGP is an exterior gateway protocol that facilitates the exchange of routing information between these independent entities, also known as Autonomous Systems (AS), within the network of networks we call the internet.
BGP hijacking is an illegitimate technique used to take over a set of IP addresses by corrupting the routing tables that BGP maintains. Because BGP was fundamentally designed to trust all its peers, this technique can have dangerous ramifications when employed.
Imagine a scenario where a peering network says, “Hi, I know how to get to this route.” BGP’s built-in trust mechanism assumes this statement is the truth.
If a network, through either misconfiguration or malicious intent, falsely announces routes or prefixes that it does not own, surrounding networks will trust the announcement, and their routing tables become polluted. Consequently, traffic meant to go to Network A will be diverted to Network B.
Here are a few key ways this hijacked traffic is handled:
- Blackholing: Dropping all the diverted traffic using a null route.
- Snooping: Reading or intercepting unencrypted data as it passes through.
- Impersonation: Creating false routes by claiming to be a network that it is not.
A Practical Example:
Let’s assume I operate an independent ISP in South Asia called South Asia Telecom, operating under the administrative entity AS-12345.
Now, I advertise to my peers that I possess the correct route to reach Akamai and Cloudflare—two cybersecurity giants that power more than half the internet. I intercept this traffic and then throw the packets away using a null route (blackholing). Imagine this route propagating to my peers. This could be devastating, potentially bringing down a majority of the critical internet applications powered by these two giants.
However, since this is a small ISP, the blast radius is unlikely to be massive. The internet has evolved, and we now have much better protections in place, including cryptographic validations (which Akamai and Cloudflare heavily promote), upstream filtering, and direct peering.

The Threat of a Tier-1 Hijack
Imagine, however, if a giant like AT&T did the same thing. The effects would be catastrophic.
Most of the internet honors and respects what a Tier-1 ISP says, as Tier-1 networks form the very backbone of the internet. From a technical standpoint, this massive scale is precisely why analyzing these allegations, even if they remain completely unverified, serves as a valuable case study. It helps us understand the theoretical impact of a routing anomaly involving a major national network like Reliance. While Reliance may not yet be a global Tier-1 out of India like Tata Communications, they are a national Tier-1 and a giant network in their own right.
Even with Tier-1 providers, our previous theory still holds: networks that strictly enforce verification through cryptographic signatures would not trust AT&T’s false route. However, the massive casualties would be the downstream providers and customers that rely implicitly on AT&T. Anycast IPs matter here as well: other networks and backbone providers would still likely find a legitimate path before getting dragged into AT&T’s null route.
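One deployed form of the cryptographic validation mentioned in the practical example and in the paragraph above is RPKI route origin validation (RFC 6811), where a signed ROA states which AS may originate a prefix and up to what prefix length. The sketch below is an added example, not code from the original post; the ROA table, prefixes and AS numbers are constructed from documentation ranges, and signature verification of the ROAs themselves is assumed to have already happened.

```python
import ipaddress

# Constructed ROA table: (prefix, maxLength, authorised origin AS).
# Prefixes and AS numbers come from the documentation ranges, not real networks.
ROAS = [
    ("203.0.113.0/24", 24, 64500),
    ("198.51.100.0/24", 24, 64501),
]

# Constructed announcements (prefix, origin AS); AS64511 is the false announcer.
ANNOUNCEMENTS = [
    ("203.0.113.0/24", 64500),    # legitimate origin
    ("203.0.113.0/24", 64511),    # same prefix, wrong origin
    ("203.0.113.0/25", 64511),    # more-specific, wrong origin
    ("203.0.113.128/25", 64500),  # right origin, longer than maxLength
    ("192.0.2.0/24", 64511),      # no ROA covers this prefix
]

def validate(prefix, origin_as, roas=ROAS):
    """Classify one route as 'valid', 'invalid' or 'not-found' (RFC 6811)."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for roa_prefix, max_len, roa_as in roas:
        roa_net = ipaddress.ip_network(roa_prefix)
        if route.version != roa_net.version or not route.subnet_of(roa_net):
            continue  # this ROA says nothing about the route
        covered = True
        # AS 0 in a ROA means "no AS may originate this prefix".
        if roa_as != 0 and roa_as == origin_as and route.prefixlen <= max_len:
            return "valid"
    return "invalid" if covered else "not-found"

def filter_announcements(announcements, roas=ROAS):
    """Split routes the way a router that drops ROV-invalid routes would."""
    accepted, rejected = [], []
    for prefix, origin_as in announcements:
        state = validate(prefix, origin_as, roas)
        bucket = rejected if state == "invalid" else accepted
        bucket.append((prefix, origin_as, state))
    return accepted, rejected

if __name__ == "__main__":
    accepted, rejected = filter_announcements(ANNOUNCEMENTS)
    for label, routes in (("accept", accepted), ("reject", rejected)):
        for prefix, origin_as, state in routes:
            print(f"{label}  {prefix:<18} AS{origin_as}  {state}")
```

The last announcement is still accepted because no ROA covers it, which is why prefixes whose owners have not published ROAs get no protection from this check. Origin validation also looks only at the originating AS, not at the rest of the AS path.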
Disclaimer: This example is intended solely to illustrate the technical severity of BGP routing vulnerabilities. We mention these organizations strictly for theoretical context, and this discussion does not imply any verification of the current allegations or any stance on the ongoing situation. Our goal is simply to explore a high-stakes, often overlooked layer of the internet infrastructure.