'Great Cannon of China': censorship tool hijacks internet traffic to shoot it at unwanted websites

New cyberweapon could be used to take down sites that operators don’t like, and was used on code-sharing site Github and anti-censorship site GreatFire.org

Andrew Griffin
Monday 13 April 2015 15:59 BST
Comments
Customers play computer games at an Internet cafe in Taiyuan, Shanxi province, China.
Customers play computer games at an Internet cafe in Taiyuan, Shanxi province, China. (REUTERS/Stringer)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

China has a new cyberweapon that can be used to hijack internet traffic and turn it against websites that it doesn’t like, according to researchers. The tool has already been used to attack two major websites, Github and GreatFire.org.

The tool, called the ‘Great Cannon’ by the researchers that discovered it, can take internet traffic and redirect it towards websites, forcing a distributed denial of service (DDoS) attack. Such attacks send a huge influx of traffic towards a site, overloading it and often forcing it to go offline.

It was used to attack Github, which was taken down for almost a week recently, and anti-censorship site GreatFire.org. It was discovered and named by a group of researchers led by Bill Marczak from the University of Toronto.

The Great Cannon is related to the Great Firewall but separate from it, according to those behind it — it uses the same network space and infrastructure and similar coding, showing that it is being controlled by China. But the way it is built means that it works much more effectively for attacks as well as blocking, according to the researchers.

The technology was used to attack two specific “repositories” on GitHub — areas where specific code is kept. That included GreatFire’s and a Chinese mirror for the New York Times, both of which were used by people behind the Great Firewall to circumvent internet censorship.

The attack represents a major shift in tactics and is a much more visible attack than those previously carried out by the country, according to the researchers that found it. “It is likely that this attack, with its potential for political backlash, would require the approval of high-level authorities within the Chinese government,” they write.

The researchers speculate that the Great Cannon could have been deployed to undermine the threat presented by GreatFire.org and other sites, or could also be an attempt to demonstrate to the US that China has similar capabilities for attacking and undermining internet communications.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in