Experts said it appeared that signals to and from Baidu, an Internet company based in Beijing, were being redirected. Credit David Gray/Reuters
HONG KONG — The Chinese government has long used a sophisticated set of Internet filters known as the Great Firewall as a barrier to prevent its citizens from obtaining access to foreign websites with information it deems threatening.
But in a recent series of attacks on websites that try to help Internet users in China circumvent this censorship, the Great Firewall appears to have been used instead as a weapon, diverting a portion of the torrents of Internet traffic that flow through it to overload targeted websites.
In doing so, the Chinese government is taking advantage of and damaging one of China’s own Internet companies: Baidu. The attacks appear to hijack advertising and analytics traffic intended for Baidu, China’s largest search company, and then send that traffic to smaller websites in what is known as a distributed denial of service or DDoS attack. The huge flow of traffic has the effect of crashing the sites.
Related Coverage
Q. and A.: Adam Fisk on Evading Internet Censorship in ChinaMARCH 30, 2015
Hackers Attack GreatFire.org, a Workaround for Websites Censored in ChinaMARCH 20, 2015
The aggressive new strategy shows vividly how Beijing is struggling to balance its desire to control the flow of information online with the aim of encouraging the growth of its tech sector.
The main target of the recent barrage is GitHub, a popular website that acts as a library of code for programmers. While it is indispensable for tech companies in China, it also hosts several pages that enable users to view sites blocked in the country.
Because GitHub is fully encrypted, China’s domestic web filters cannot distinguish between pages that host code useful to programmers and code that circumvents censorship. In 2013, when the government fully blocked GitHub, it caused an outcry among China’s many computer engineers, leading to the site’s subsequent unblocking.
The new attacks take more of a siege approach, hitting the site with a costly and difficult-to-manage barrage of traffic in the hopes it will remove two pages, one with code from GreatFire.org — a nonprofit organization that runs mirrors of blocked sites including Google, the BBC and The New York Times — and another that hosts links to mirror sites of the Chinese version of The Times.
Eileen Murphy, a spokeswoman for The Times, declined to comment on the attacks.
“This is a huge problem for free expression,†said Lokman Tsui, an assistant professor at the Chinese University of Hong Kong. He added that these attacks could lead sites like GitHub to decide it is too much trouble to host content deemed problematic by China.
“This is a message to the people who maintain GitHub: Either you kick out GreatFire and The New York Times, or we’ll keep this up,†said Mikko Hypponen, the chief research officer at the security firm F-Secure.
The new attacks come as Beijing has increased censorship in China, and grown more vocal about how the Internet should be governed globally. In a number of recent public appearances, China’s Internet czar, Lu Wei, has called for respect for China’s Internet sovereignty, meaning that China should have the right to manage the Internet within its borders as it wants.
But the GreatFire.org material on GitHub, which is based in San Francisco, offers an unusual exception. By offering code that unblocks sites within China, it is assumed to be violating Chinese laws from abroad. James Andrew Lewis, a senior fellow at the Center for Strategic and International Studies, said the attack was an attempt to deal with extraterritoriality on the Internet.
“China is trying to redefine the rules of the Internet and they’re feeling their way forward as they do it,†he said. “This is one of another set of actions to say China will have a bigger voice in how the Internet works.â€
He added that the United States had reacted strongly to distributed denial of service attacks by Iran in the past, and in this case the Obama administration could increase pressure and enact stiffer penalties against China if these types of attacks continue.
If the style of the most recent wave of attacks is well known, novel elements present major difficulties for those seeking to keep the site up, according to a number of security experts. In particular, because the traffic comes from real users scattered across the globe, instead of a concentrated network of infected computers, it is hard to sort the real traffic from the fake.
Experts said they could not be certain who was behind the attacks. But it appears that signals to or from Baidu ads and analytics tools are being redirected toward the targeted sites when users outside China visit a site inside China. Because the signals seem to be diverted at the gateway between China and the rest of the world, analysts suspect the government and the Great Firewall.
China Appears to Attack GitHub by Diverting Web Traffic - New York Times
No comments:
Post a Comment