Home >> Internet >> The ‘Great Cannon’ of China is confirmed behind Github attack

The ‘Great Cannon’ of China is confirmed behind Github attack

Citizen Lab, ICT security and human rights lab if the Munk School of Global Affairs in Toronto has confirmed China’s role in the hacking attack on Github. Last month, China had also launched an attack against blocked American websites, which were accessed by Chinese citizens.great-cannon-china-attack-github

Github face a five-day denial-of-service attack and was suspected to have originated from China. Though IT representatives from the country convinced that they had no role in the attack, researchers have identified the ‘Great Cannon of China’ behind the attack. Great Cannon, also known as Great Firewall is a way of exploiting Internet filter to redirect enormous amount of traffic onto targets.

“The operational deployment of Great Cannon represents a significant escalation in state-level information control,” said the researchers.

According to the report published on Friday, China intercepts and re-purposes web traffic by injecting malicious code. The system used for intercepting Baidu, China’s search engine and attacking Github.com. Non-profit GreatFire.org that provides mirror images of blocked sites in China was also attacked. The sites continued to work normally, despite the continuous attacks on Thursday.

Edward Snowden stated that the Great Cannon is similar to QUANTUM as that malware is planted on millions of computers. Citizen Lab claimed that a simple tweak in the system’s configuration would allow the operator to deliver the malware to any individuals on the Chinese server. The discovery of the malware is an indication to businesses to improve their cryptographic protection.

While NSA and other agencies use similar programs for surveillance, Great Cannon. The program indicated the government’s intention to gain greater control over the Internet. Security expert James A. Lewis stated that President Xi Jinping wanted tighter control, to remove any challenges to the party. China’s Internet czar Lu Wei has reportedly asked the International community to respect the country’s policies.

Here’s what the report says:

In the attack on GitHub and GreatFire.org, the GC intercepted traffic sent to Baidu infrastructure servers that host commonly used analytics, social, or advertising scripts.  If the GC saw a request for certain Javascript files on one of these servers, it appeared to probabilistically take one of two actions: it either passed the request onto Baidu’s servers unmolested (roughly 98.25% of the time), or it dropped the request before it reached Baidu and instead sent a malicious script back to the requesting user (roughly 1.75% of the time).  In this case, the requesting user is an individual outside China browsing a website making use of a Baidu infrastructure server (e.g., a website with ads served by Baidu’s ad network).  The malicious script enlisted the requesting user as an unwitting participant in the DDoS attack against GreatFire.org and GitHub.

[ Source ]

About Anirudh Madhav

A movie buff, a bookworm, and a compulsive doodler. All posts by Anirudh

Leave a Reply

Your email address will not be published. Required fields are marked *