As Ars explained previously, the attacks on the pages of anti-censorship service GreatFire.org and a mirror site of the New York Times Chinese edition had some novel characteristics. The junk traffic came from computers of everyday people who browsed to websites that use analytics software from Chinese search engine Baidu to track visitor statistics. About one or two percent of the visits from people outside China had malicious code inserted into their traffic that caused their computers to repeatedly load the two targeted GitHub pages. The malicious JavaScript was the product of the Great Cannon, which China uses to alter traffic passing over its backbone and takes no steps to conceal.
`The operational deployment of the Great Cannon represents a significant escalation in state-level information control: the normalization of widespread use of an attack tool to enforce censorship by weaponizing users,` the researchers from the University of California at Berkeley, the University of Toronto, and Princeton wrote in a report published Friday. `Specifically, the Cannon manipulates the traffic of `bystander` systems outside China, silently programming their browsers to create a massive DDoS attack.`
Not only China
Lest readers think that the Great Cannon is a tool unique to China`s repressive government, the researchers say it in many ways resembles the secret Internet backbone nodes known as Quantum that the National Security Agency and its British counterpart use to conduct targeted surveillance. While there is no evidence that US and British actors have used Quantum indiscriminately against such a large audience to perform a denial-of-service attack, the program makes it clear that the Great Cannon isn`t the only state-operated mechanism that can and does manipulate Internet traffic.
Read original article
No comments:
Post a Comment