The Chinese government’s bid for online censorship has reached a new a pinnacle of control with a powerful denial-of-service weapon dubbed the “Great Cannon.” According to a report published earlier this month, security researchers at the University of California, Berkeley, and the University of Toronto, have determined that the source of the crippling DDoS attacks the brought down American websites last month was not the Great Firewall — China’s robust Internet filter — but something entirely new and in a class of its own.
Seeking to disrupt the services that allow Chinese nationals to view websites blocked by the Great Firewall, an overwhelming amount of Internet traffic was hijacked and funneled to the website GreatFire.org, a nonprofit that runs mirror sites of those blocked within China, and to GitHub, the open source code sharing site for programmers. Specifically, the attack sought to fill GitHub with an unmanageable amount of traffic in hopes of blackmailing its operators into removing a series of codes that permit users to circumvent the Great Wall. 
Simplified logical topology of the Great Cannon and Great Firewall. Image via Citizenlab.
In order to commence the attack, the Great Cannon needed to intercept advertising and analytics traffic intended for Baidu, China’s largest search engine, an action which would effectively damage Baidu’s bottom line as well as that of Chinese tech companies reliant on codes hosted on GitHub.
The effect of knocking the GitHub offline was secondary, or collateral damage, if you will, as China’s domestic web filters could not distinguish between the pages hosting the codes specifically deemed threatening, and all other content. Yet, the last time this issue occurred in 2013, the Chinese government was met with a flurry of protests from its own engineers, placing the Eastern nation in a difficult position as it struggles to balance information control with the desire to develop its tech industry.
How the Great Cannon was used in the GitHub and GreatFire.org attack. Image via Citizenlab.
Ironically, the most worrisome aspect of the Great Cannon that’s caught the cyber-security community's attention has more to do with the fact that it resembles the Internet weapon used by the US' National Security Agency and its British counterpart, GCHQ, to intercept web traffic and perform massive level targeted surveillance. The researchers suggest that the new tool is a few tweaks away from being able to survey anyone who obtains content hosted on a Chinese server or even by visiting non-Chinese websites that use Chinese-sourced advertising content; essentially, performing the same type of surveillance.
This similarity places the US government in a delicate situation, as officials can no longer credibly complain against other nations using such tactics when it does the same, but more importantly, write the researchers, the Cannon’s operational deployment indicates that China is readily escalating its information control beyond the state-level.
Source: NY Times and Citizenlab
Advertisement
Learn more about Electronic Products Magazine
