China hit by massive Web attack this weekend
Over the weekend, .cn – the Chinese equivalent of .com – went dark, according to reports by the China Internet Network Information Center.
Ng Han Guan/AP/File
Every website that uses the .cn suffix was inaccessible for several hours over the weekend, the result of “the largest ever” hack on Chinese sites, according to the China Internet Network Information Center (CNNIC).
The attack began on Sunday at 2 a.m. local time in China and lasted approximately two to four hours, according to a CNNIC announcement, accessed via Voice of America. Chinese officials identified the incident as a distributed denial of service attack (DDoS), where servers get overwhelmed by a coordinated network of computers. During the attack, any computer that tried to access a .cn website got an error message.
Before malicious coders can launch a DDoS attack, they must infect the computers of unsuspecting users, often by tricking people into installing malware on their computers. The malware can then be coordinated to attack a website or network, and an off-site controller can launch the attack at his or her choosing, flooding the servers with a stream of hits. This effectively causes the site to collapse, or at least become useless for a few hours. Though the .cn domain was down, many service providers store parts of the online registry, so some .cn websites could have still been accessible to users, according to CloudFlare, an online content delivery network. Furthermore, the relative ease of spreading viruses means that the attack could have been perpetrated by an individual.
The attack on China's servers was unusual because it occurred on such a large scale, attacking a country's entire domain rather than individual sites, and because China is more commonly accused of perpetrating cyber attacks than being on the receiving end of them. The security firm Mandiant found that there is an advanced persistent threat in China that is involved in an “extensive cyber security campaign,” and that it was “highly unlikely that the Chinese government is unaware” of the attack group, according to a report from February.
However, tight Chinese censorship makes it extremely difficult to say conclusively who or what was behind these attacks, or what the hacker(s) motivations might have been.
The attacks occurred the day before Bo Xilai’s trial came to an end, fueling speculation that the brief Internet blackout could somehow be connected to a larger crackdown of online dissent. Mr. Bo, once a member of the party elite, was on trial for corruption. Bo's trial began with crowds of onlookers, but after the first day, security around the trial was increased, undercutting the public dialogue that occurred during the first day of the trail, according to a report by NPR.
As of Monday, the .cn domain was back in working order.