HONG KONG >> The Chinese government has long used a sophisticated set of Internet filters known as the Great Firewall as a barrier to prevent its citizens from obtaining access to foreign websites with information it deems threatening.
But in a recent series of cyberattacks on websites that try to help Internet users in China circumvent this censorship, the Great Firewall appears to have been used instead as a weapon, diverting a portion of the torrents of Internet traffic that flow through it to overload targeted websites.
In doing so, the Chinese government is taking advantage of and damaging one of China’s own Internet companies: Baidu. The attacks appear to hijack ad and analytics traffic intended for Baidu, China’s largest search company, and then send that traffic to smaller websites in what is known as a distributed denial of service or DDoS attack. The huge flow of traffic has the effect of crashing the sites.
The main target of the recent barrage is GitHub, a popular website that acts as a library of code for programmers. While it is an indispensable tool to tech companies in China, it also hosts several pages that enable users to view sites blocked in the country.
Because GitHub is fully encrypted, China’s domestic Web filters cannot distinguish between pages that host code useful to programmers and code that circumvents censorship. In 2013, when the government fully blocked GitHub, it caused an outcry among China’s many computer engineers, leading to the site’s subsequent unblocking.
“This is a huge problem for free expression,” said Lokman Tsui, an assistant professor at the Chinese University of Hong Kong.
“This is a message to the people who maintain GitHub: Either you kick out GreatFire and The New York Times, or we’ll keep this up,” said Mikko Hypponen, chief research officer at the security firm F-Secure.
Experts said they could not be certain who was behind the attacks. But it appears that signals to or from Baidu ads and analytics tools are being redirected toward the targeted sites when users outside China visit a site inside China.
In a post on a security website run by Insight Labs, an analyst wrote that “a certain device at the border of China’s inner network and the Internet has hijacked” connections going into China.
“In other words,” the post continued, “even people outside China are being weaponized to target things the Chinese government does not like.”