This year might be the year of the DDoS attacks, with the most recent victim being GitHub. At the end of March 2015, an “attack began around 2am UTC on Thursday, March 26, and involves a wide combination of attack vectors,” reports the official GitHub blog. “These include every vector we’ve seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood with high levels of traffic.”

A closer look showed that this particular DDoS targeted two major GitHub projects focused on Chinese anti-censorship. Both GreatFire and the New York Times Chinese edition were targeted. GitHub has announced that the attacks were designed to remove a certain type of content. Insight Labs teamed up with GitHub to get to the root of the problem, ultimately discovering malicious JavaScript that was injected by “a device at the border of China’s inner network and the Internet.”

Censorship on a Global Scale

The malicious code takes effect when someone visits Baidu, the Google of China. GitHub did a fantastic job of keeping users informed during the attack via Twitter. However, while the site was functioning at 100 percent just a few hours after the attack was announced, there are still lingering effects on the back end. So far, Baidu and Chinese officials have staunchly denied any such attack, promising that Baidu has “ruled out the possibility of security problems or hacker attacks on (its) own products.” However, the timing and focus of the attacks are suspicious.

Recently, a number of GreatFire mirror sites survived a similar DDoS attack. This came on the heels of the Wall Street Journal publishing a piece about anti-censorship groups in America and how they are impacting cloud computing services. At its peak, this most recent attack was sending over 2.6 billion requests each hour, and many US experts agree that China is indeed behind the attack, although it is unclear whether Baidu or another group is to blame.

The Down Low on DDoS

A distributed denial of service (DDoS) attack is designed to sabotage a particular server or website (in this case GitHub). A “cracker” (human hacker) directs compromised “zombie” computers to request a certain website or server over and over again. This, of course, results in a huge traffic spike, which makes the site load incredibly slowly for people who are genuinely trying to use it. In some instances, the traffic is so high that the website gets shut down. This is when a DDoS attack is in full swing.

A successful DDoS attack means neither the zombie computer nor the cracker can be tracked. DDoS attacks are relatively popular because they are easy to carry out. Major companies have been victims, such as Microsoft, which succumbed to the MyDoom attack. Yahoo!, Amazon and eBay have also been victims. There may never be an admission of guilt from a Chinese cracker or company, but targeting sites that explicitly publish information about Chinese censorship laws is a clear indication of who is likely to blame.


