- Mike Pence, who fueled HIV outbreak, is now in charge of coronavirus outbreak Wednesday 9:15 PM
- Distressing TikTok shows woman being sexually harassed Wednesday 7:49 PM
- Dele Alli charged with misconduct for video mocking Asian man over the coronavirus Wednesday 7:18 PM
- Teen says she is suicidal after bullying video goes viral Wednesday 6:01 PM
- Trump supporters claim Reddit is staging a coup against The_Donald Wednesday 5:58 PM
- Conservative parliament member’s teabag photo spills serious tea Wednesday 5:27 PM
- Right-wing conspiracy theorists see coronavirus as a plot against Trump Wednesday 5:25 PM
- Chapo Trap House among leftist channels banned on Twitch for streaming Democratic debate Wednesday 4:20 PM
- Meet Ryker, the world’s worst service dog Wednesday 4:01 PM
- Far-right blogger claims Trump ordered arrest of Julian Assange Wednesday 3:47 PM
- Reddit man wants to tell people he’s been with his girlfriend for one year instead of 6—for an incredibly dumb reason Wednesday 2:18 PM
- John C. Reilly’s son Leo is a TikTok star Wednesday 1:58 PM
- ‘Vanderpump Rules’ recap: A friendship sails Wednesday 1:52 PM
- For celebs, Kobe Bryant tattoos are all the rage Wednesday 1:01 PM
- The internet has discovered Jim and Pam Halpert’s daughter—and she’s on TikTok Wednesday 12:32 PM
You should know about China’s terrifying new cyberweapon, the ‘Great Cannon’
It’s similar to a cyberweapon developed by the NSA.
China possesses a weapon of mass disruption and is using it to attack sites that help users defeat online censorship, according to a cadre of academic researchers.
Services that allow China’s Internet users to view websites blocked by the Great Firewall of China—a powerful censorship tool that blocks certain websites outlawed by the government—have been under fire by what researchers have termed the “Great Cannon.”
The tool was recently used to take down GitHub, a popular site among programmers, and GreatFire.org, a site devoted to monitoring Chinese censorship. Code hosted by GitHub is used by GreatFire—along with a Chinese version of the New York Times—to allow Chinese users to circumvent the GFW.
We’ve been under continuous DDoS attack for 24+ hours. The attack is evolving, and we’re all hands on deck mitigating.
— GitHub Status (@githubstatus) March 27, 2015
On March 27, Github posted on its official blog:
We are currently experiencing the largest DDoS (distributed denial of service) attack in github.com’s history. The attack began around 2AM UTC on Thursday, March 26, and involves a wide combination of attack vectors. These include every vector we’ve seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic. Based on reports we’ve received, we believe the intent of this attack is to convince us to remove a specific class of content.
The ongoing DDoS attack has changed tactics. We are experiencing intermittent service outages and working to mitigate.
— GitHub Status (@githubstatus) March 29, 2015
After 113 hours of sustained DDoS attacks our defenses are holding. We will keep our status at yellow until the threat has subsided.
— GitHub Status (@githubstatus) March 30, 2015
Hour 118: Mitigation remains effective and service is stable.
— GitHub Status (@githubstatus) March 31, 2015
Everything operating normally.
— GitHub Status (@githubstatus) March 31, 2015
GitHub managed to eventually mitigate the flood of traffic and was operating normally at press time, despite the continued attacks.
“We believe the intent of this attack is to convince us to remove a specific class of content.”
However, researchers at the University of California, Berkeley, and University of Toronto-based Citizen Lab, say the GFW is not the source of the attack. Instead, the so-called “Great Cannon,” a new weapon for censorship in China’s arsenal, is responsible for injecting malicious code into the browsers of unsuspecting users, essentially hijacking their computers, and creating an influx of traffic to overwhelm China’s targets.
“The operational deployment of the Great Cannon represents a significant escalation in state-level information control: the normalization of widespread use of an attack tool to enforce censorship by weaponizing users,” writes Citizen Lab. “Specifically, the Cannon manipulates the traffic of ‘bystander’ systems outside China, silently programming their browsers to create a massive DDoS attack.”
The Great Cannon, according to Citizen Lab, is comparable to a system developed by the National Security Agency code named QUANTUM, which provides for a wide range of injection-based attacks. According to documents produced by Edward Snowden, the NSA weapon was reportedly used by the British government for the exploitation of Belgacom, a state-owned Belgian telecom company.
According to a report by GreatFire.org, the Great Cannon was used to intercept Web traffic intended for the Chinese search engine Baidu. Netresec reported last month that only about 1 percent of requests to Baidu received the malicious injection in return. “So in 99 percent of the cases everything behaves just like normal,” researches said.
Baidu has reportedly denied any involvement and said it would work to prevent future attacks, adding: “Service interruptions could reduce our revenues and profits and damage our brand if our systems are perceived to be unreliable.”
“The attack launched by the Great Cannon appears relatively obvious and coarse: a denial-of-service attack on services objectionable to the Chinese government,” Citizen Lab concluded. “ Yet the attack itself indicates a far more significant capability: an ability to ‘exploit by IP address’. This possibility, not yet observed but a feature of its architecture, represents a potent cyberattack capability.”
Illustration by Max Fleishman
Dell Cameron was a reporter at the Daily Dot who covered security and politics. In 2015, he revealed the existence of an American hacker on the U.S. government's terrorist watchlist. He is a co-author of the Sabu Files, an award-nominated investigation into the FBI's use of cyber-informants. He became a staff writer at Gizmodo in 2017.