China’s ‘Great Cannon’ turns into Cyber-weapons

According to a new report from Citizen Lab, China has been developing a new way to intercept and redirect internet traffic destined for its top online search service, possibly to carry out an unsettling series of denial-of-service attacks aimed at sidelining sites that distribute anti-censorship tools.

China is widely suspected of being behind the recent attack against GitHub, which was overloaded via “an ongoing and evolving large DDOS attack.” GitHub’s attackers are now alleged to have used the Cannon to redirect traffic from Chinese search engine giant Baidu in order to take the website down.

Experts believe that China’s Great Firewall is capable of blocking Web surfers within the country from accessing online sites that host content the Chinese government considers prohibited. But according to researchers, this latest censorship innovation targeted Web surfers from outside the country who were requesting various pages associated with Baidu.

The attack on GitHub worked by tampering with an analytics script that the Chinese web giant Baidu distributes. Anyone visiting a site with the script would normally send back data to Baidu and receive a reply, but the Cannon intercepted that data in transit, inserting a new script that would blast GitHub with bad traffic.

As reported by Weaver, the attacks from the Great Cannon do not succeed when people browse Chinese sites with a Web address that begins with “https://”, meaning that regular Internet users can limit their exposure to these attacks by insisting that all Internet communications are routed over “https” versus unencrypted “http://” connections in their browsers. A number of third-party browser plug-ins — such as https-everywhere — can help people accomplish this goal.
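
The exposure described above exists wherever a page references a script over unencrypted HTTP, since that response can be altered in transit. As an added example (not taken from the Citizen Lab report or from this article), the following Python script lists such script references in a page's HTML, resolving relative and protocol-relative URLs against the page address; all hostnames and function names are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class ScriptAudit(HTMLParser):
    """Collect external <script src> URLs, resolved against the page URL."""

    def __init__(self, page_url):
        super().__init__()
        self.base = page_url
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "base" and attrs.get("href"):
            # <base href> changes how later relative URLs resolve
            self.base = urljoin(self.base, attrs["href"])
        elif tag == "script" and attrs.get("src"):
            self.scripts.append(urljoin(self.base, attrs["src"].strip()))


def plaintext_scripts(page_url, html):
    """Return (url, third_party) for every script referenced over plain HTTP."""
    audit = ScriptAudit(page_url)
    audit.feed(html)
    page_host = urlsplit(page_url).hostname
    findings = []
    for url in audit.scripts:
        parts = urlsplit(url)
        if parts.scheme == "http":  # unencrypted, so modifiable in transit
            findings.append((url, parts.hostname != page_host))
    return findings


# Constructed sample page; every hostname here is a placeholder.
SAMPLE = """
<html><head>
<script src="http://analytics.example/h.js"></script>
<script src="//cdn.example/lib.js"></script>
<script src="https://secure.example/app.js"></script>
<script src="/static/site.js"></script>
<script>var inline = 1;</script>
</head></html>
"""

if __name__ == "__main__":
    for page in ("http://news.example/story", "https://news.example/story"):
        print(page)
        for url, third_party in plaintext_scripts(page, SAMPLE):
            print("  plaintext:", url, "(third-party)" if third_party else "(same host)")
```

Served over `http://`, the sample page has three script references that travel unencrypted, including the protocol-relative and site-relative ones; served over `https://`, only the hard-coded `http://` reference remains.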

The report concludes that Chinese censors could just as easily have served malicious code to exploit known Web browser vulnerabilities.

Baidu was an attractive target for the Great Cannon because of its widely used analytics script. However, now that the capabilities of the Great Cannon are public, there may be more wariness about using code that might be vulnerable to it.

There have been calls for US retaliation over the GitHub attack, which has been described as “attacks by a nation state against key United States internet infrastructure.” The NSA has similar capabilities through the QUANTUM program, revealed by Edward Snowden, but it has never used them in such an aggressive and public way.

Ehacking Staff