A Nation State modified it’s users’ web traffic to overload the deployed servers of a Silicon Valley start-up. The business, GitHub, allows businesses to store files online.
Why this matters…
This was done to bring offline content that was against their censorship policies. Such an attack is possible against any business, service, or organization. This could be done against something as harmless as taking offline any website in the planet, but could also be applied to any critical infrastructure sensor and set of systems – think Internet of Things, Nuclear power plants, 911 phone systems, etc ..
The business and nation state security implications are quite severe here. The reason for the attack was about the 2 types of content – New York Times (banned in China) and information on bypassing the Chinese censorship firewall. Clearly these are not aligned to China leadership.
This attack was executed in the following manner:
the attack was due to HTTP hijacking, and “a certain device at the border of China’s inner network and the Internet has hijacked the HTTP connections went into China, replaced some javascript files from Baidu with malicious ones that would load every two seconds.” Block code execution was also apparently used to prevent looping.
via GitHub suffers ‘largest DDoS’ attack in site’s history | ZDNet.
Despite a good deal of articles the common media (WSJ, Bloomberg, etc..) and political response has been lacking compared to the response and support provided to Sony.
My true concern here is that this minor attack (only a few citizens of China are unknowingly having their traffic used to attack a small technology company) is an excellent BETA TEST for a full scale modification of all 1.4B Chinese citizen traffic against critical infrastructure (46% of population was used for GibHub).
Other thoughts?
James
Technology, Strategy, and Cybersecurity - explored, explained, and examined 