Chinese ?°Great Cannon?± Identified Behind GreatFire Attacks
Source: Nicholas
Last month, the censorship monitoring and circumvention project GreatFire.org was the target of two major Distributed Denial of Service (DDoS), including one aimed at the code-sharing site GitHub which hosts two of the group’s pages. Visitors to some Chinese sites from outside the country were unwittingly “weaponized” in an effort to swamp servers with bogus traffic. This hijacking appeared to take place as traffic entered China, crossing the Great Firewall.
On Friday, researchers based at the University of Toronto’s Citizen Lab, the International Computer Science Institute, the University of California at Berkeley, and Princeton University reported that the attacks were conducted using a potent new tool, dubbed “the Great Cannon.” They describe the weapon as separate from the Great Firewall, but say that the two systems’ shared code and network location help compellingly link it to the Chinese government. From Nicole Perlroth at The New York Times:
China’s new Internet weapon, the report says, is similar to one developed and used by the National Security Agency and its British counterpart, GCHQ, a system outlined in classified documents leaked by Edward J. Snowden, the former United States intelligence contractor. The American system, according to the documents, which were published by The Intercept, can deploy a system of programs that can intercept web traffic on a mass scale and redirect it to a site of their choosing. The N.S.A. and its partners appear to use the programs for targeted surveillance, whereas China appears to use the Great Cannon for an aggressive form of censorship.
[…] Still, the Chinese program illustrates how far officials in Beijing are willing to go to censor Internet content they deem hostile. “This is just one part of President Xi Jinping’s push to gain tighter control over the Internet and remove any challenges to the party,” said James A. Lewis, a cybersecurity expert at the Center for Strategic Studies in Washington.
[… Co-author Bill] Marczak said researchers’ fear is that the state could use its new weapon to attack Internet users, particularly dissidents, without their knowledge. If they make a single request to a server inside China or even visit a non-Chinese website that contains an ad from a Chinese server, the Great Cannon could infect their web communications and those of everyone they communicate with and spy on them.
| }
|