GitHub, a large U.S.-based repository where software developers store their codes, has succumbed to a massive distributed denial-of-service attack from sources that appear to come from China, highlighting the country’s latest effort to censor content even outside its territorial jurisdiction.
The surge in traffic to GitHub is said to have originated from users that tried to visit Baidu, a popular search engine in China, thereby partially stifling operations of the coding website. A DDoS attack is the usual method of attack that state-sponsored hackers use to suppress websites that find unpleasant to their sponsor’s name. And China, including North Korea, has been known for its aggressive actions toward anti-censorship tools and content, the most popular of which being the website Greatfire.org and big media outlets.
Quite obviously, Greatfire.org and the New York Times’s Chinese language website seem to be the target of the attack. The huge traffic was directed to the pages of Greatfire.org and NYT on GitHub. These websites are banned in China, but thanks to the technical expertise of the people behind these websites, users in the country are still able to access the websites.
Greatfire.org helps Chinese users avoid censorship programs by the government, particularly the Great Firewall that clamps down on content the Chinese government deems objectionable. Other websites banned in China are the Wall Street Journal and major western media outlets.
As a result of the attack over the weekend, users were not able to gain access to GitHub’s website. GitHub believes the intent of the attack is to force to website to remove content that particularly paints a negative image of China, though the website would not disclose the people that operate the website.
It’s quite clear that the attackers are related to the Chinese government due to the high level of traffic manipulation that paralyzed GitHub. The attack involved traffic from Baidu users outside China, which come in a huge number.
Requests for information from Baidu were being relayed to GitHub through a code that was activated to continuously redirect the traffic. Since the requests to GitHub came from individual computers from across the globe and appeared like normal requests, it was hard for GitHub to block them. The attack was specific only to two pages related to Greatfire.org and NYT, because it would be a double-edged sword if China chose to take GitHub down completely.
The attack is believed to have also cost hundreds of thousands of dollars daily for GitHub.