India’s BGP Hijack of Telegram Disrupts Access in India and the UAE
What Happened — India invoked Section 69A of its IT Act to block Telegram nationwide. Telegram’s CEO alleges that Indian telecom Reliance (AS 18101) performed a BGP hijack, announcing Telegram’s IP prefixes and causing routing disruption that extended to users in the United Arab Emirates.
Why It Matters for Compliance & Audit Readiness
- BGP hijacking demonstrates a gap in network‑routing controls that SOC 2 CC6.1 (Network Security) expects organizations to monitor and validate.
- Continuous evidence of route‑origin validation (e.g., RPKI) and third‑party network behavior is essential to prove due diligence during an audit.
- Documenting the incident and the remediation steps provides a defensible audit trail for any future regulatory or contractual review.
Who Is Affected – Messaging SaaS platforms (Telegram), telecom operators, enterprises that rely on Telegram for communication, and end‑users in India and the UAE.
Recommended Actions – Map BGP security to SOC 2 controls, enable RPKI validation, implement real‑time route‑monitoring, collect routing logs as audit evidence, and update vendor‑risk assessments for telecom partners. Source: BleepingComputer
Technical Notes – Attack vector: BGP hijack (misconfiguration/unauthorized route announcement). Autonomous System AS18101 announced Telegram prefixes; RPKI filtering limited propagation but did not prevent service loss. No CVE; data at risk was communications traffic, not content. Source: BleepingComputer