US Coding Site GitHub Disrupted by Cyberattack

30 Mar 2015 | Author: | No comments yet »

An onslaught of internet traffic paralyses US coding website.

According to The Wall Street Journal, the ongoing cyber assault directed massive volumes of traffic from China’s popular Baidu search engine to GitHub, paralyzing GitHub’s website in what appears to be an attempt to shut down anti-censorship tools.Online code repository GitHub continues to face a distributed denial-of-service (DDoS) attack on Monday, which the company reported is the largest attack in GitHub.com’s history.

As a cyber attack on GitHub enters its fourth day, the company said the nature of the threat “has evolved” and that the coding site is continuing its battle to counter the threat. Citing unnamed security experts, the Journal said traffic was directed specifically to two GitHub pages with links to websites that are banned in China—one from Greatfire.org that helps users circumvent government censorship, the other the New York Times’ Chinese-language site. The attack began on Thursday and still continues, according to GitHub’s status page and Twitter accounts, though the company says now that all its systems are reporting at 100%. The attack on San Francisco-based GitHub, a service used by programmers and major tech firms worldwide to develop software, appears to underscore how China’s internet censors increasingly reach outside the country to clamp down on content they find objectionable. The country is often blamed for attacking web properties, governments, businesses, industries, utilities and its own people’s civil liberties, so to find it fingered again is no surprise.

As of press time, Greatfire’s website was reporting a connection error; the company has asked Twitter users to send samples of the code behind the attack. In a blog post from last week, GitHub said there were a number of vectors being used in this attack, including some new and sophisticated techniques that involved using the web browsers of unsuspecting users to flood the GitHub site with traffic. Then, in a tweet this morning from the GitHub status account, the company said: While GitHub has not gone down, its status page indicates that the response time of the site has started to slow over the past six hours.

Attack traffic continues, so we remain on high alert.” The same messages was tweeted by the company about 12 hours before. “It is reprehensible that the censorship policies and actions of a nation-state are affecting” the largest code host in the world, Richard Bejtlich, chief security strategist at FireEye, wrote in a recent blog post.”The Chinese government is forcing GitHub to expend its private resources in order to continue serving its customers.” Baidu told the Journal that it wasn’t involved in the attack, and its systems weren’t infiltrated. “After careful inspection by Baidu’s security engineers, we have ruled out the possibility of security problems or hacker attacks on our own products,” the company told the newspaper. Specifically, security experts report that the attackers were redirecting search traffic from overseas users of the Chinese search engine Baidu, and were targeting two pages in particular. Dave Larson, CTO of Corero Network Security, praised GitHub for its response, but wondered how long the site will be able to keep its defences up while relying on its current tools. “We are seeing more often that DDoS attacks against web servers evolve over a period of 24-48 hours until they take down a site or their perpetrators give up and move on.

GitHub has done the right thing in keeping its users informed of the status of the attacks,” he said. “But when the attackers are sufficiently motivated and have extensive resources, which is common when the perpetrators are powerful syndicates or state actors, as may be the case here, it is difficult to stay ahead of the attack if your response methodology relies on human analysts.” µ A bit closer to home, Rutgers University in New Jersey said it is also battling a DDoS attack, which possibly originated in Ukraine, NBC New York reported. Security experts told The WSJ that the attack appeared to be linked to Chinese authorities because the hackers were able to manipulate the traffic at a high level of China’s internet infrastructure, meaning it had to come from someone who had the ability to tamper with all the traffic coming into the country.

Here you can write a commentary on the recording "US Coding Site GitHub Disrupted by Cyberattack".

* Required fields
All the reviews are moderated.
Twitter-news
Our partners
Follow us
Contact us
Our contacts

dima911@gmail.com

ICQ: 423360519

About this site