Code-hosting site GitHub is being subjected to an ongoing denial of service (DDoS) attack, the largest in its history — and the Wall Street Journal suggests the Chinese government could be to blame.
A DDoS attack works by overwhelming a website with traffic, often sent from a “botnet” of hijacked computers controlled by the attacker. This sudden flood of traffic can prevent legitimate visitors from accessing the website under attack, and can even overwhelm and crash the site’s servers, taking it totally offline.
GitHub, a site that lets developers upload and work collaboratively on coding projects, has been targeted by an ongoing DDoS attack since Thursday. The attack targets two pages, the Wall Street Journal reports — one linking to the New York Times’ Chinese site, and a page operated by censorship-monitoring organisation GreatFire.
China has strict Internet filtering, known informally as the “Great Firewall of China” — and the New York Times is among the thousands of websites blocked. GreatFire keeps tabs on this censorship and aims to “bring transparency” to the firewall.
According to security firm F-Secure executive Mikko Hyponen, the attack may well have been perpetrated by Chinese authorities. He told the WSJ that the hackers had access to a “high level of China’s Internet infrastructure,” suggesting that “it had to be someone who had the ability to tamper with all the Internet traffic coming into China.”
GitHub wrote on its blog that the attack includes “every vector we’ve seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic. Based on reports we’ve received, we believe the intent of this attack is to convince us to remove a specific class of content.”
Earlier in March, GreatFire’s website was also targeted by a DDoS directly. At the time, the organisation said that it doesn’t “know who is behind this attack. However the attack coincides with increased pressure on our organisation over the last few months. The Cyberspace Administration of China (CAC) publicly called us ‘an anti-China website set up by an overseas anti-China organisation’… Recently we noticed somebody was trying to impersonate us to intercept our encrypted email.”
GreatFire has also posted evidence purporting to show that the CAC has recently launched man-in-the-middle impersonation attacks on Google — another American tech company.
Debate has flared up over foreign attacks on US companies following the devastating hack on Sony Pictures late last year. US Director of National Intelligence James Clapper subsequently named North Korea as responsible for the attack. President Obama said that he doesn’t think it’s an act of war. “I think it as an act of cyber vandalism that was very costly, very expensive. We take it very seriously. We will respond proportionately.”