Github falls victim to possible Chinese cyber attack

Coding site hit by ongoing DDoS, experts suspect Chinese involvement

binary on a screen with words 'hacking attack'

Coding repository Github has been hit by a mammoth cyber attack, which is believed to be ongoing. 

The website, which is primarily used by developers and software engineers as a platform to store and distribute source code, has been experiencing large-scale Dedicated Denial of Service (or DDoS) attacks, which analysts believe are Chinese in origin.

Github has stated that it believes that "the intent of this attack is to convince us to remove a specific class of content". However, while it has not disclosed what it thinks might be behind the attack, experts have noted that the site is used by many Chinese coders to host tools which circumvent the country's notorious internet censorship.

The cyber attacks hitting the website have largely stemmed from visitors to Chinese Google equivalent Baidu.com being redirected to Github. The search engine has disavowed any connections to the attack, saying it will "get to the bottom of this".

The tactics used in this particular DDoS have been remarkably thorough. While well-known DDoS-ers Anonymous uses mob logic and sheer force of numbers to overwhelm sites, the attack on Github has used "a wide combination of attack vectors" including "sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people".

One of the primary targets of the Github attack is anti-censorship organisation GreatFire, which hosts its firewall bypass tools on Github. The group has clashed with Chinese authorities before, calling repeatedly for security certificates issued by the Chinese Internet Network Information Centre to be revoked and classified as untrusted.

Hacking

This follows a spate of repeated cyberattacks on the likes of Outlook, Google, Microsoft and more. GreatFire says it has "concrete proof" that China was behind these attacks, citing a Google blog post highlighting the issue of unauthorised certificates.

These links have led some experts to theorise that the Chinese People Liberation Army is behind these hacks. While Github is too valuable a resource to the rapidly-expanding Chinese tech industry to be blocked entirely, it is being speculated that these outages are China's attempt to strong-arm Github's moderators into removing anti-censorship content belonging to GreatFire and others.

This attack bears some marked similarities to the Sony Pictures hack late last year, which was seemingly prompted by negative depictions of North Korean leader Kim Jong Un in The Interview. While the country's military stridently denied any involvement, there were suspicions in many camps that the hacks were allegedly sanctioned by the Korean Government.

Whether or not this is the case, some suggest that China saw the success of the Sony hacks and opted for a similar strategy. It's something the Chinese have been accused of before, and if the cyber attacks currently plaguing Github are Chinese in origin, it could be a sign that cyber terrorism is now seen as a viable method of intimidation.

At time of writing, Github is still online. However, the attack continues, and the cost of holding out against a cyber siege for five days (and counting) is likely to be taking its toll on the websites coffers. It's currently unknown whether the site will cave to the sustained pressure and block GreatFire and its ilk, or if that's even the aim of the attacks.

Is your business prepared for new EU cyber security regulations? This whitepaper offers advice, insight and guidance on what to do next. Read it today here

Featured Resources

The definitive guide to warehouse efficiency

Get your free guide to creating efficiencies in the warehouse

Free download

The total economic impact™ of Datto

Cost savings and business benefits of using Datto Integrated Solutions

Download now

Three-step guide to modern customer experience

Support the critical role CX plays in your business

Free download

Ransomware report

The global state of the channel

Download now

Recommended

Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

17 Sep 2021
London ranks second to Silicon Valley as world's best startup hub
startups

London ranks second to Silicon Valley as world's best startup hub

22 Sep 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021