This article was published on March 30, 2015

GitHub may have been targeted by Chinese hackers in DDoS attack


GitHub may have been targeted by Chinese hackers in DDoS attack

Code management platform GitHub has been fending off a distributed denial of service (DDoS) attack since last Thursday. Security experts say the attack may have originated in China, reports The Wall Street Journal.

Over the past few days, San Francisco-based GitHub has been hit with huge amounts of traffic from overseas users of Baidu, a Chinese search engine. The attack caused the service to appear unavailable to many users since March 26.

Octocat

GitHub, which hosts developers’ coding projects online, found the onslaught of traffic directed at two specific pages on its platform that linking to sites that are banned in China — Greatfire.org, a resource that tracks content blocked in the country, and The New York Times’ Chinese language site.

NY Times CN

At the time of writing, GitHub reports that it is still under attack, but it has managed to bring the situation under control and its site is available to users as usual.

Mikko Hyponen, the chief research officer of cybersecurity firm F-Secure, said the attack was likely to have involved Chinese authorities because it involved the manipulation of Web traffic at a high level of the country’s internet infrastructure. “It had to be someone who had the ability to tamper with all the Internet traffic coming into China,” he said.

The attack manipulated traffic to Baidu from users who accessed the search engine from outside China and sent requests for data from their computers to GitHub. This made it more difficult to block, as it resembled typical traffic from around the world and not a single source attempting to bombard the site with data requests.

The Chinese government could have blocked GitHub entirely, but as the site is encrypted, it can’t tell whether users in the country are trying to access ordinary code projects or are looking for anti-censorship content hosted on the platform (such as an uncensored version of the social network Weibo, managed by Greatfire.org).

Blocking the whole site would also cut off access for tech companies in China that use GitHub.

The company said in a blog post that this has been the largest attack in its history, and that it involves a range of “sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic.”

GitHub declined to comment on what content was specifically targeted in the attack, or who it suspected to be behind it. The company said, “Based on reports we’ve received, we believe the intent of this attack is to convince us to remove a specific class of content.”

Baidu said that it wasn’t involved in the attack and its systems weren’t breached either.

U.S. Coding Website GitHub Hit With Cyberattack [The Wall Street Journal]

Image credit: Shutterstock

Read next: Reuters’ news sites are currently blocked in China

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with