China launches new cyber attack weapon

The “Great Cannon” has entered the cyberwar lexicon alongside the “Great Firewall of China” after a new tool for censorship in the nation was named and described by researchers from the University of Toronto.

The first use of the Great Cannon came in late March, when the coding site GitHub was flooded by traffic, leaving it intermittently unresponsive for multiple days. The attack, using a method called distributed denial of service, appeared to be targeting two specific users of the site: the New York Times‘s Chinese mirror and anticensorship organisation, GreatFire.org.

Both users focus their efforts on allowing Chinese residents to bypass the country’s Great Firewall – the system China uses to restrict access to parts of the internet.

The attack, which continued for almost two weeks, was observed by researchers led by the University of Toronto’s Bill Marczak. They concluded that it provides evidence of a new censorship tool above and beyond the Great Firewall.

“While the attack infrastructure is co-located with the Great Firewall, the attack was carried out by a separate offensive system, with different capabilities and design, that we term the ‘Great Cannon’,” the researchers write.

“The Great Cannon is not simply an extension of the Great Firewall but a distinct attack tool that hijacks traffic to (or presumably from) individual IP addresses, and can arbitrarily replace unencrypted content as a man-in-the-middle.”

Where the Great Firewall was a tool for largely passive censorship – preventing access to material and providing the Chinese state with the ability to spy on its residents – the Great Cannon provides the ability to rewrite the internet on the fly.

When used offensively, that ability can turn a normal internet user into a vector of attack. In the case of the GitHub attacks, the Great Cannon “intercepted traffic sent to Baidu infrastructure servers”, web servers run by China’s largest search engine “that host commonly used analytics, social or advertising scripts”.

Roughly 1.75% of the time it took that traffic returned a malicious script, enlisting the unwitting web surfer in the hacking campaign against GitHub. The scripts were not complex, doing little more than sending requests for content to GitHub, but the sheer quantity of users affected proved difficult for the site to handle. – © Guardian News & Media 2015

These are unprecedented times, and the role of media to tell and record the story of South Africa as it develops is more important than ever. But it comes at a cost. Advertisers are cancelling campaigns, and our live events have come to an abrupt halt. Our income has been slashed.

The Mail & Guardian is a proud news publisher with roots stretching back 35 years. We’ve survived thanks to the support of our readers, we will need you to help us get through this.

To help us ensure another 35 future years of fiercely independent journalism, please subscribe.

Advertisting

Tension over who’s boss of courts

In a letter, Chief Justice Mogoeng Mogoeng questions whether Justice Minister Ronald Lamola has acted constitutionally

SABC sued over ‘bad’ clip of Ramaphosa

A senior employee at the public broadcaster wants compensation for claims of ‘sabotage’

Soundtrack to a pandemic: Africa’s best coronavirus songs

Drawing on lessons from Ebola, African artists are using music to convey public health messaging. And they are doing it in style

In East Africa, the locusts are coming back for more

In February the devastating locust swarms were the biggest seen in East Africa for 70 years. Now they’re even bigger

Press Releases

New energy mix on the cards

REI4P already has and will continue to yield thousands of employment opportunities

The online value of executive education in a Covid-19 world

Executive education courses further develop the skills of leaders in the workplace

Sisa Ntshona urges everyone to stay home, and consider travelling later

Sisa Ntshona has urged everyone to limit their movements in line with government’s request

SAB Zenzele’s special AGM postponed until further notice

An arrangement has been announced for shareholders and retailers to receive a 77.5% cash payout

20th Edition of the National Teaching Awards

Teachers are seldom recognised but they are indispensable to the country's education system

Awards affirm the vital work that teachers do

Government is committed to empowering South Africa’s teachers with skills, knowledge and techniques for a changing world

SAB Zenzele special AGM rescheduled to March 25 2020

New voting arrangements are being made to safeguard the health of shareholders