Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

China fires up 'Great Cannon' denial-of-service blaster, points it toward Hong Kong

Protest organizers come under fire from network traffic barrage

China is reportedly using the 'cannon' capabilities of its massive domestic internet to try and take down anti-government websites in Hong Kong.

The team at AT&T Cybersecurity reports that LIHKG, a forums and social news site being used to organize protests on the island, has been the target of an ongoing distributed denial of service (DDoS) attack from the mainland.

It is believed that the sustained flood of traffic is the result of the offensive capabilities built into the "Great Firewall," China's massive network infrastructure designed to filter, censor, and monitor traffic within the country's borders. Thus far, it appears that LIHKG's anti-DDOS service is holding up to the barrage and the site remains accessible.

The offensive mode, referred to as the Great Cannon, has been known since at least 2015, when it was revealed that PCs visiting sites within the firewall's domain had been seeded with JavaScript code that, on command, would direct them to fire data packets at a specific target.

President Xi of China

Just take a look at the carnage on Notepad++'s GitHub: 'Free Uyghur' release sparks spam tsunami by pro-Chinese

READ MORE

"Normally these URLs serve standard analytics tracking scripts," AT&T said of sites handing out the code. "However, for a certain percentage of requests, the Great Cannon swaps these on the fly with malicious code."

As a result, PCs from within China are now directing repeated requests for data from multiple pages on the LIHKG domain. In some cases, the DDoS flood aims for meme images as well. This, the AT&T team believes, is part of an effort to conceal the attack by making the flood of traffic appear more like normal patterns.

While the attack isn't succeeding at the time of writing, the AT&T security crew says it is concerned.

"It is unlikely these sites will be seriously impacted. Partly due to LIHKG sitting behind an anti-DDoS service, and partly due to some bugs in the malicious Javascript code that we won’t discuss here," the report explains.

"Still, it is disturbing to see an attack tool with the potential power of the Great Cannon used more regularly, and again causing collateral damage to US based services." ®

Similar topics

TIP US OFF

Send us news


Other stories you might like