Internet activists blame China for cyber-attack that brought down GitHub

31 Mar 2015 | Author: | No comments yet »

China Appears to Attack GitHub by Diverting Web Traffic.

Activists battling internet censorship in China said Monday they had proof a massive online assault on their websites had been coordinated by the Chinese authorities. HONG KONG — The Chinese government has long used a sophisticated set of Internet filters known as the Great Firewall as a barrier to prevent its citizens from obtaining access to foreign websites with information it deems threatening.According to The Wall Street Journal, the ongoing cyber assault directed massive volumes of traffic from China’s popular Baidu search engine to GitHub, paralyzing GitHub’s website in what appears to be an attempt to shut down anti-censorship tools.

Online code repository GitHub continues to face a distributed denial-of-service (DDoS) attack on Monday, which the company reported is the largest attack in GitHub.com’s history. In recent days, popular coding service GitHub faced a massive denial of service (DDoS) attack – an online attack aimed at bringing down a service by overloading it with fake traffic. Citing unnamed security experts, the Journal said traffic was directed specifically to two GitHub pages with links to websites that are banned in China—one from Greatfire.org that helps users circumvent government censorship, the other the New York Times’ Chinese-language site. The attack began on Thursday and still continues, according to GitHub’s status page and Twitter accounts, though the company says now that all its systems are reporting at 100%. As of press time, Greatfire’s website was reporting a connection error; the company has asked Twitter users to send samples of the code behind the attack.

In a statement on the GreatFire.org blog, an activist identified as “Charlie” wrote: “On March 17th 2015, our websites and partner websites came under a DDoS attack. In a blog post from last week, GitHub said there were a number of vectors being used in this attack, including some new and sophisticated techniques that involved using the web browsers of unsuspecting users to flood the GitHub site with traffic.

The aggressive new strategy shows vividly how Beijing is struggling to balance its desire to control the flow of information online with the aim of encouraging the growth of its tech sector. Specifically, security experts report that the attackers were redirecting search traffic from overseas users of the Chinese search engine Baidu, and were targeting two pages in particular. We believe this is a major cybersecurity and economic threat for the people of China.” After consulting with independent researchers and the internet community, GreatFire claims to have established that the attack was made by hijacking the account of millions of global internet users, inside and outside China. Because GitHub is fully encrypted, China’s domestic web filters cannot distinguish between pages that host code useful to programmers and code that circumvents censorship. According to GreatFire, Baidu’s Analytics code – a service that tracks and reports website traffic – was one of the files replaced by malicious code.

In 2013, when the government fully blocked GitHub, it caused an outcry among China’s many computer engineers, leading to the site’s subsequent unblocking. While GitHub didn’t confirm which pages were under attack, it did say in its blog post that: “based on reports we’ve received, we believe the intent of this attack is to convince us to remove a specific class of content.” Baidu, meanwhile, has denied that its systems have been compromised and denied involvement in the attack. “After careful inspection by Baidu’s security engineers, we have ruled out the possibility of security problems or hacker attacks on our own products,” a statement provided by the company offered. In particular, because the traffic comes from real users scattered across the globe, instead of a concentrated network of infected computers, it is hard to sort the real traffic from the fake. But it appears that signals to or from Baidu ads and analytics tools are being redirected toward the targeted sites when users outside China visit a site inside China.

Here you can write a commentary on the recording "Internet activists blame China for cyber-attack that brought down GitHub".

* Required fields
Twitter-news
Our partners
Follow us
Contact us
Our contacts

dima911@gmail.com

ICQ: 423360519

About this site