Another day, another story about China upping its censorship capabilities. But rather than blocking content from Chinese citizens, this time the government is actively targeting foreign sites.
Websites GitHub and GreatFire.org were the victims of China's newest flexing of muscle, a weapon that researchers are calling the Great Cannon. Initial reports suggested that China had accomplished the attacks through the use of its own Great Firewall, but researchers from the University of California, Berkeley and the University of Toronto have since recognized the system as something new.
READ MORE: China's biggest anti-censorship service faces unprecedented cyber attack
The attacks worked by intercepting requests from outside of China to search engine giant Baidu and injecting a script that causes users to participate in an assault on a targeted webpage, flooding it with bad traffic. The massive traffic spike overwhelms the webpage and causes it to crash. About 98 percent of requests are sent through normally, but the 2 percent that are affected adds up.
Perhaps most surprising is the apparent lack of effort on China's part in hiding their new capability. The attacks on Github and GreatFire.org continued for several days, long after damage control action had them up and running again, giving researchers the chance to study and dissect the offensive. The length for which the attacks continued seemed to show that China didn't care too much about keeping its ability secret, and may even have been showing off its new weapon to the world.
"I would assume China would've had this sort of capability," said Nicholas Weaver, a lead researcher on the report, "but I would've also assumed they wouldn't want to broadcast this to the world."
This kind of ability isn't unheard of. The National Security Agency's QUANTUM program revealed by Edward Snowden and Britain's GCHQ both have similar potential - but the Great Cannon is the most aggressive and public use of such force to date. The script can be avoided by making sure you're browsing over an encrypted connection, such as a VPN or an "https://" URL instead of the usual "http://".
In an ominous instance of foreshadowing, researchers say that the Chinese censors could have just as easily served malicious code in the form of malware attacks to visitors. We hope the Wilhuff Tarkins behind the Great Cannon will never reach this point, but we're not resting easy just yet.
WATCH: China has an official internet censorship song, and it just got censored
[Image via The Hacker News]
0 User Comments