Beginning last Thursday, GitHub began being attack by what they called "the largest DDoS (distributed denial of service) attack in github.com's history." Although at this point GitHub has regained service to 100%, the attacker still continues, attempting to change his methods. The attack was traced back to China, and already there is much speculation on whether this is amateur or professional. There has been some hint in a few blow posts, specifically this one, that this incident could be related to a censorship issue: "Based on reports we've received, we believe the intent of this attack is to convince us to remove a specific class of content."
Security experts said that the attackers directed a massive amount of traffic to two pages on GitHub by redirecting all users from the Chinese search engine, Baidu. According to The Wall Street Journal, Baidu claims it was never hacked and that it's systems were not compromised. But somehow all traffic to Baidu.com was being directed to two pages on GitHub with banned content in China. Although it is hard to believe that amateurs would have the capability to perform an attack like this, it does not really make sense that the government would direct traffic to banned content.
In every big hacking case like this, it is always suspected to be some big government figure. When Sony got hacked a few months ago, it was immediately suspected that the North Korean government was behind it, because of their upcoming movie The Interview. but the most likely scenario in most cases is that it's just someone really resourceful and dedicated with a computer. Obviously North Korea denied any involvement in that hack as will China in this one. But they do bring up a good point that this could be connected to the government, considering all of their censorship laws.
It was reported that this year in particular they have been stepping up their censorship efforts. They banned three of the largest Virtual Private Network(VPN) sites users would use to avoid the firewall and get to restricted sites: Astrill, GoldenFrog and StrongVPN; though many VPN sites are now functioning again, reports WSJ. Although we could never prove that this incident is somehow government related, it is certainly fun to speculate about.
No comments:
Post a Comment