Chinese Internet censors have developed an “offensive system” that makes it possible for them to knock international websites offline and install malicious software on computers around the world, says a cybersecurity report released Friday. The new capability, dubbed the Great Cannon, is more powerful than China's Great Firewall, which has been used to censor media critical of Beijing.
And research shows the Great Cannon has already been used. The Citizen Lab report -- authored by computer scientists from the University of Toronto, the International Computer Science Institute, the University of California, Berkeley, and Princeton University -- determined that the Great Cannon was behind the weekslong attack that knocked a Chinese version of the New York Times and the anti-censorship group GreatFire offline.
The Great Cannon did so with a sophisticated, evolving version of a distributed denial of service (DDoS) attack. DDoS attacks occur when thousands of computers unwittingly have their traffic directed to a single website, overwhelming the target page with so many Web requests that it's unable to stay online. The DDoS attack in question not only exposed new levels of sophistication but also knocked GitHub, the coding website based in San Francisco, offline for days.
The report stops short of directly identifying any specific person or organization, saying only that there is “compelling and reproducible evidence” that China's government is behind the Great Cannon. But the report's authors also imply hypocrisy on the part of any U.S. lawmakers who criticize the program.
“The operational deployment of the Great Cannon represents a significant escalation in state-level information control: the normalization of widespread use of an attack tool to enforce censorship by weaponizing users,” the report states. “Specifically, the Cannon manipulates the traffic of 'bystander' systems outside China, silently programming their browsers to create a massive DDoS attack. While employed for a highly visible attack [in the GreatFire case], the Great Cannon clearly has the capability for use in a manner similar to the [National Security Agency's Quantum] system, affording China the opportunity to deliver exploits targeting any foreign computer that communicates with any China-based website not fully utilizing HTTPS [Hypertext Transfer Protocol over Secure Socket Layer].”
Chinese government officials have consistently denied any government involvement in launching foreign cyberattacks.