A temporary government ban on Telegram in India has inadvertently disrupted service for users thousands of kilometres away in the United Arab Emirates, exposing a critical fragility in global internet routing infrastructure.
India ordered the ban — running until June 22 — after the messaging platform was used to circulate leaked examination papers, according to a report by BleepingComputer. However, the method used to enforce the block appears to have had far wider consequences than intended, knocking out Telegram connectivity for users well beyond Indian borders.
Accusations of BGP Hijacking
Telegram CEO Pavel Durov publicly accused Indian telecom operator Reliance Jio of carrying out a Border Gateway Protocol (BGP) hijack to block access to the app. BGP is the routing protocol that underpins the global internet, directing traffic between networks by advertising which paths data should take to reach its destination.
By injecting fraudulent BGP routes, a network operator can effectively divert or black-hole traffic destined for a particular service — in this case, Telegram's servers. Because BGP is built on a system of trust between network operators, a hijack originating from one large provider can cascade outward, affecting users connected through entirely different networks in other countries.
This is precisely what appears to have happened in the UAE, where users reported losing access to Telegram despite no local regulatory action against the platform. The collateral damage underscores a growing concern among network engineers and security researchers: national censorship actions, even when technically targeted, can produce unpredictable and widespread side effects due to the interconnected architecture of internet routing.
Workarounds and Broader Concerns
Affected users — both in India and the UAE — have been able to restore connectivity by configuring MTProto proxies within the Telegram application. MTProto is Telegram's proprietary transport protocol, and proxy support is built directly into the app's settings. By routing traffic through an intermediary server outside the blocked path, users can circumvent the BGP-level disruption.
While the workaround is effective for individual users, the incident raises more fundamental questions about the resilience of critical internet infrastructure. BGP hijacking is not a novel threat — it has been used for traffic interception, censorship, and even large-scale outages in the past. Yet the protocol remains largely secured by voluntary measures rather than mandatory safeguards.
Resource Public Key Infrastructure (RPKI), a security framework designed to validate BGP route announcements, has been gaining adoption among major network operators, but deployment remains uneven globally. Incidents like this one, where a domestic policy decision ripples across borders through routing manipulation, add urgency to the case for broader RPKI adoption and stricter route-origin validation.
Relevance Beyond the Region
For network administrators and security professionals globally — including those in Hong Kong managing enterprise infrastructure or cloud connectivity — the incident is a reminder that internet access is not purely a local matter. A routing decision made by a single large carrier in one country can cascade through the global routing table, disrupting services for users who have no connection to the original policy objective.
The temporary nature of the Indian ban, set to expire on June 22, does not diminish the technical lesson. Whether the trigger is censorship, a misconfiguration, or a deliberate attack, the underlying vulnerability in BGP remains the same — and the potential for cross-border collateral damage persists until more robust routing security measures become standard practice.
印度政府對Telegram實施的臨時禁令,已無意間導致數千公里外阿拉伯聯合酋長國的用戶服務中斷,暴露了全球互聯網路由基礎設施一個關鍵的脆弱性。
據BleepingComputer報導,印度下令實施這項禁令(將持續至6月22日),原因是該即時通訊平台被用於傳播洩露的考試試卷。然而,執行封鎖的方式似乎帶來了遠超預期的後果,令遠在印度境外的用戶喪失了Telegram的連接能力。
BGP劫持指控
Telegram行政總裁帕維爾·杜羅夫公開指控印度電訊營運商Reliance Jio進行邊界閘道協定(BGP)劫持,以封鎖對該應用的存取。BGP是支撐全球互聯網的路由協定,它透過廣播數據應經由哪些路徑到達目的地,來引導網絡之間的流量。
透過注入欺詐性的BGP路由,網絡營運商實際上可以轉移或黑洞定向特定服務的流量——在本例中即為Telegram的伺服器。由於BGP建立在營運商之間的信任體系之上,源自一個大型供應商的劫持可能會向外連鎖影響,波及透過完全不同的網絡連接的其他國家用戶。
這似乎正是在阿聯酋發生的情況,當地用戶回報無法存取Telegram,儘管該平台並未受到本地監管機構的針對性打擊。這一附帶損害凸顯了網絡工程師和安全研究人員日益增長的擔憂:即使在技術上具有針對性的國家審查行動,也可能由於互聯網路由的互聯架構而產生不可預測且廣泛的副作用。
解決方法與更廣泛的擔憂
受影響的用戶——無論是在印度還是阿聯酋——已經可以透過在Telegram應用程式內配置MTProto代理伺服器來恢復連接。MTProto是Telegram專有的傳輸協定,其代理支援功能直接內建於應用程式的設定中。透過將流量經由封鎖路徑之外的中介伺服器路由,用戶可以規避BGP層級的干擾。
雖然此解決方法對個別用戶有效,但該事件引發了對關鍵互聯網基礎設施韌性的更根本問題。BGP劫持並非新威脅——過去它已被用於流量攔截、審查,甚至大規模服務中斷。然而,該協定在很大程度上仍依賴自願措施而非強制性保障來維護安全。
旨在驗證BGP路由公告的安全框架「資源公鑰基礎設施」(RPKI)已獲得主要網絡營運商的採用,但全球部署情況仍不平衡。像本次事件這樣,國內政策決定透過路由操控產生跨境漣漪效應的案例,為更廣泛採用RPKI和實施更嚴格的路由來源驗證增添了緊迫性。
超越地域的關聯性
對於全球的網絡管理員和安全專業人員——包括在香港管理企業基礎設施或雲端連接的專業人士——此次事件是一個提醒:互聯網存取並非純粹的地方性事務。一個國家內單一的大型營運商作出的路由決定,可能會透過全球路由表產生連鎖反應,干擾那些與原政策目標毫無關聯的用戶的服務。
印度禁令的臨時性(定於6月22日到期)並未削弱這一技術教訓。無論觸發因素是審查、錯誤配置還是蓄意攻擊,BGP的底層脆弱性依然相同——在更強健的路由安全措施成為標準實踐之前,跨境附帶損害的潛在風險將持續存在。