China launches new cyber attack weapon

The “Great Cannon” has entered the cyberwar lexicon alongside the “Great Firewall of China” after a new tool for censorship in the nation was named and described by researchers from the University of Toronto.

The first use of the Great Cannon came in late March, when the coding site GitHub was flooded by traffic, leaving it intermittently unresponsive for multiple days. The attack, using a method called distributed denial of service, appeared to be targeting two specific users of the site: the New York Times‘s Chinese mirror and anticensorship organisation, GreatFire.org.

Both users focus their efforts on allowing Chinese residents to bypass the country’s Great Firewall – the system China uses to restrict access to parts of the internet.

The attack, which continued for almost two weeks, was observed by researchers led by the University of Toronto’s Bill Marczak. They concluded that it provides evidence of a new censorship tool above and beyond the Great Firewall.

“While the attack infrastructure is co-located with the Great Firewall, the attack was carried out by a separate offensive system, with different capabilities and design, that we term the ‘Great Cannon’,” the researchers write.


“The Great Cannon is not simply an extension of the Great Firewall but a distinct attack tool that hijacks traffic to (or presumably from) individual IP addresses, and can arbitrarily replace unencrypted content as a man-in-the-middle.”

Where the Great Firewall was a tool for largely passive censorship – preventing access to material and providing the Chinese state with the ability to spy on its residents – the Great Cannon provides the ability to rewrite the internet on the fly.

When used offensively, that ability can turn a normal internet user into a vector of attack. In the case of the GitHub attacks, the Great Cannon “intercepted traffic sent to Baidu infrastructure servers”, web servers run by China’s largest search engine “that host commonly used analytics, social or advertising scripts”.

Roughly 1.75% of the time it took that traffic returned a malicious script, enlisting the unwitting web surfer in the hacking campaign against GitHub. The scripts were not complex, doing little more than sending requests for content to GitHub, but the sheer quantity of users affected proved difficult for the site to handle. – © Guardian News & Media 2015

Subscribe to the M&G

These are unprecedented times, and the role of media to tell and record the story of South Africa as it develops is more important than ever.

The Mail & Guardian is a proud news publisher with roots stretching back 35 years, and we’ve survived right from day one thanks to the support of readers who value fiercely independent journalism that is beholden to no-one. To help us continue for another 35 future years with the same proud values, please consider taking out a subscription.

Related stories

Trump gives TikTok 6 weeks to sell itself to US company

China's foreign ministry pushed back, calling Washington hypocritical for demanding TikTok be sold

Cartoon: Carlos on Xi Jinping’s cures

In his medicine cabinet, there’s always a remedy for all that ails the Chinese president

1962, China: The day Mao met Mlangeni

In this edited extract from The Backroom Boy, an autobiography of the late Andrew Mokete Mlangeni by Mandla Mathebula, the ANC struggle stalwart meets Mao Tse-Tung while in military training in China

India and China border conflict intensifies

A frontier dispute between the two Asian giants turned deadly for the first time in 45 years. Observers argue the skirmish was exacerbated by Delhi’s annexation of Kashmir and Ladakh

Cartoon: Carlos on the India-China border clashes

This past week saw conflict between the two countries resurface

Why we need to dismantle the East-West hyphen

Hyphenated identities: Why can’t I be just ‘South African’; why do I need to be ‘South- African Chinese’?
Advertising

The PPE scandal that the Treasury hasn’t touched

Many government officials have been talking tough about dealing with rampant corruption in PPE procurement but the majority won't even release names of who has benefited from the R10-billion spend

ANC still at odds over how to tackle leaders facing...

The ANC’s top six has been mandated to work closely with its integrity committee to tackle claims of corruption against senior party members
Advertising

press releases

Loading latest Press Releases…

The best local and international journalism

handpicked and in your inbox every weekday