2015-04-10
A man surfs the Internet at a coffee shop in Beijing in a file photo.
AFP
China has added a powerful new weapon in its battle to control what its users see online, with the “Great Cannon” joining its existing arsenal of blocks, filters and human censorship known collectively as the Great Firewall, a new report said on Friday.
Led by researchers at Citizen Lab, at the University of Toronto, the report analyzes in technical detail exactly how a massive distributed denial of service (DDoS) attack on anti-censorship site GreatFire.org and coding website GitHub unfolded earlier this month.
“China’s ‘Great Cannon’ [is] our term for an attack tool that we identify as separate from, but co-located with, the Great Firewall of China,” the report said.
“The operational deployment of the Great Cannon represents a significant escalation in state-level information control: the normalization of widespread use of an attack tool to enforce censorship by weaponizing users,” it said.
According to the report, the attack on GitHub and GreatFire.org is the first known usage of the Great Cannon.
The attack on the sites, which both hosted tools for users wishing to circumvent Chinese Internet censorship, was carried out by “a distinct attack tool that hijacks traffic to (or presumably from) individual IP addresses, and can arbitrarily replace unencrypted content as a man-in-the-middle,” the report said.
The Cannon works by silently programming the browsers of users outside China to create a massive DDoS attack.
“The Great Cannon clearly [affords] China the opportunity to deliver exploits targeting any foreign computer that communicates with any China-based website not fully utilizing [a secure connection],” it said.
The report draws parallels between the Great Cannon and the U.S. National Security Agency’s “Quantum” program, first revealed in documents leaked by former NSA contractor Edward Snowden.
The report said it would be a “trivial” task to repurpose the Great Cannon to attack the computers of users whose browsers were weaponized in the GitHub attack.
GreatFire.org last month said it was “confident” that the Cyberspace Administration of China (CAC) was responsible for both DDoS attacks.
It said Beijing has shifted its focus from enforcing strict censorship in China to enforcing Chinese censorship on Internet users worldwide.
Youth league
The report was issued a day after it emerged that the Youth League of China’s ruling Communist Party is actively recruiting some 10 million online opinion-makers, known colloquially as the 50-cent army, to post pro-government articles, videos and tweets.