China Attacks GitHub

The Chinese government has long used a set of Internet filters known as the Great Firewall as a barrier to prevent its citizens from accessing foreign websites that it deems threatening. Though, in recent attacks, it appears as though China is using the Great Firewall as a weapon, diverting the torrents of Internet traffic flow to overload targeted websites.

China is taking advantage of its largest search company, Baidu, by hijacking their ads and analytic traffic and sending that traffic to targeted websites in a distributed denial of service attack (DDOS).

The target of the recent barrage is GitHub, the popular website that acts as a repository of code for programmers alike. While GitHub is a great resource for tech companies in China, it also hosts several libraries that enable users to view sites blocked in China. Because GitHub is fully encrypted, China’s filters can’t distinguish between what GitHub pages they deem useful to programmers and code that violates their strict censorship laws. Their solution; DDOS GitHub until they remove the pages they see as a threat. In this case, two pages, one with code from – a nonprofit that runs mirrors of blocked sites like Google – and another that hosts links to mirror sites of the Chinese version of The New York Times.

The DDOS attack began last Thursday and it forced GitHub staff to rally and attempt to ease access problems. GitHub said that the attack is the largest they’ve ever seen, and that it featured “sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood GitHub with high levels of traffic.” In particular, because the traffic comes from real users scattered across the globe, it is hard to sort the real traffic from the fake.

The United States has reacted strongly to DDOS attacks by Iran in the past. It will be interesting to see if the Obama administration will increase pressure and enact stricter penalties on China if these acts continue.

David Durst