Internet censors in China are said to have developed an ?offensive system? that makes them capable of knocking international websites offline and install unwarranted software on computers around the world, according to a cybersecurity report released Friday.
In the name of Internet censorship
Aside from the Great Firewall, China is believed to be building a new way to intercept and redirect Internet traffic, says a new report from Citizen Lab, and ICT, security and human rights lab based within Munk School of Global Affairs at the University of Toronto. The report details the recent denial-of-service (DDos) attack against Github, a coding website based in San Francisco, CA, that had flooded the site with bad traffic for almost a week. The new capability, touted as the ?Great Cannon,? is seen as more powerful than China’s Great Firewall, which has been used to censor media critical of Beijing.
China’s cybersecurity administration had only been suspected as the source of various attacks, but the report discloses evidence in more damning detail. It shows that redirection has occurred as traffic enters China Telecom, indicating that it is part of the same infrastructure as China’s Great Firewall.
What it is and how it works
This Internet cannon is more commonly known in the hacking community as a ?Low Orbit Ion Cannon? (LOIC or WebLOIC). It is a type of computer program used to force traffic overloads (or DDoS) onto targeted websites. The process uses the Internet to blast out cyberattacks.
Research shows that the Great Cannon has already been used. The Citizen Lab report, which is authored by computer scientists from the University of Toronto, the University of California, Berkeley, the International Computer Science Institute, and Princeton University, determined that the Great Cannon was also behind the weeks-long attack that knocked down a Chinese version of the New York Times and GreatFire, anti-censorship group based in mainland China.The cannon did so with a complex, evolving version of a distributed DDoS attack.
The Great Cannon should not be seen as simply an extension of the Great Firewall, but rather a unique tool that hijacks traffic to individual IP addresses and can randomly replace unencrypted content by sitting between the end user and Web server. This shady method is known as a ?man-in-the-middle attack.?
The Chinese government have consistently denied any involvement in launching foreign cyberattacks. Moreover, China is not the only country that uses this kind of cyber weapon. The United States also has a similar program. According to the New York Times, the previous Edward Snowden leaks provided information that outlined U.S. government systems that are capable of intercepting and redirecting Internet traffic to a site of their choosing. However, report showing any instance where the U.S. has used an Internet cannon-type attack in domestic censorship have yet to surface.