Slashdot Mirror


China's 'Great Cannon' -- a Cyber-weapon to Accompany the Great Firewall

An anonymous reader writes: A new report from The Citizen Lab identifies a distinct new technology entity sitting next to the Great Firewall of China. Dubbed the 'Great Cannon', the multi-process cluster revealed itself quite openly in the recent attacks on Greatfire.org and its two Github pages. The DDoS attack was so sustained that CL was able to study the new technology in depth, determining architectural similarities and unearthing many strong indications that it is a product of the Chinese authorities.

17 of 81 comments

  1. Can we stop pretending this isn't low level war? by Isca · · Score: 2, Insightful

    We've seen attack upon attack on various countries by the government of China. These attacks are way beyond simple con jobs for access to government servers or trade secrets.

    Why the hell do they have MFN status again?

  2. Re:Can we stop pretending this isn't low level war by Morpf · · Score: 5, Insightful

    Okay, I suppose you don't mind we also stop pretending the Five Eyes (especially the USA) and Israel are not in a low level war with any other country? Right?

  3. Re:Can we stop pretending this isn't low level war by BitZtream · · Score: 3, Insightful

    Other than you saw some other moron on the Internet say 'China Did It' ... can you provide some actual proof to back up your claims?

    It is simply stunningly illogical for China to behave this way against such petty targets. It makes absolutely NO sense for them to flaunt their ability and willingness to do so as the simple course of action the entire rest of the world would take is a simple matter of NULL routing China and going on about their daily business, your 'war' would be over before anyone really cared.

    And ... a DDoS does pretty much nothing to gain you access to government servers or trade secrets.

    WTF is it with you nut jobs who seem to think the entire world is out to get you regardless of cost to themselves?

    Slashdot is pretty much the only place on the planet that thinks this is an actual attack by the Chinese, perhaps you should ask yourself why? And no, before you get the idea, it's not because Slashdot is so smart and so far ahead of the general public, that ended 10 years ago.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  4. Let's stop the bullshit by MikeRT · · Score: 3, Interesting

    And admit that the Chinese will not even slow down until it's clear that the developed countries will retaliate in kind. The feds need to take the kid gloves off and let American businesses do unto the Chinese as the Chinese do to them. Chinese DDoS? Let GitHub retaliate against Chinese assets involved. Chinese firms hacking and stealing assets? Authorize industrial espionage by American businesses against Chinese interests. Chinese intelligence actively attacking American business? Give the NSA a free hand to retaliate and screw with the Chinese government. They try to break into our classified networks? Set up an entire NSA team to infiltrate the Chinese military establishment and depants their national security secrets on a Wikileaks-By-Uncle-Sam level.

  5. Re:Redirect to HTTPS by frank_adrian314159 · · Score: 2

    Well, that's really sort of the definition of fixed here, isn't it? You do nothing with the DDoS traffic while responding as normal to the regular traffic.

    --
    That is all.
  6. Re:Can we stop pretending this isn't low level war by Anonymous Coward · · Score: 5, Interesting

    Anyone who runs a server on the Internet only needs to look at their firewall log to see break-in attempts coming from China, 24 hours a day every day. It's blatantly obvious that Someone in China did something. Still that's not conclusive proof that governments are involved.

  7. Re:Can we stop pretending this isn't low level war by Zontar The Mindless · · Score: 3

    > It is simply stunningly illogical for China to behave this way against such petty targets. It makes absolutely NO sense for them to flaunt their ability and willingness to do so...

    Did you miss the part where China builds artificial islands wayyyy past the 200-mile line to do an end run around it?

    --
    Il n'y a pas de Planet B.
  8. Re: Can we stop pretending this isn't low level wa by Anonymous Coward · · Score: 2, Insightful

    While the attack is progressing, with all the spoofing going on, why is everyone saying it's China? With all the communications chips coming out of China, could it be misidentification? And reading your attack? Since you are trying to penetrate their defenses? Meaning it's your spiders reporting back, making requests for service?

  9. Re:Can we stop pretending this isn't low level war by snarfies · · Score: 2

    Glorious exposition, comrade!

  10. Re:Can we stop pretending this isn't low level war by Sarten-X · · Score: 4, Interesting

    > It is simply stunningly illogical for China to behave this way against such petty targets. It makes absolutely NO sense for them to flaunt their ability and willingness to do so...

    Just like it makes no sense for Americans to bomb the Bikini Atoll, or run new ships on trips around the world. The goal isn't to destroy a Pacific paradise or to wear out the engines, but rather to announce to the political world that we have a new capability, and we're ready to use it as we see fit.

    The "petty targets" may be convenient places to point this "Great Cannon"... They provide a noticeable target, and apparently can be analyzed enough to provide some basic details to the rest of the world. Assuming China is behind the attack, we now know that China can run at least this level of attack, and there's no reason to expect that in a full-scale conflict, it wouldn't be turned against more serious targets. We don't know whether the attack can be made even bigger, or if it has different operational modes, or even how quickly such an operation can scale... and that's enough uncertainty to make it a deterrent weapon. It's all political posturing, and from outward appearances, it seems China is showing itself to be fairly powerful, but not yet openly aggressive.

    Contrast that with North Korea, which has persistently demonstrated impotent aggression, and our main concern is that they might actually develop a real offensive capability that affects us.

    > ...as the simple course of action the entire rest of the world would take is a simple matter of NULL routing China and going on about their daily business...

    ...except that a significant part of their daily business has now been null-routed. It's going to be hard to keep that great American economy moving when manufacturers can't contact their contracted suppliers. Without that continuous economic movement, we're facing yet another financial crash, which the United States government probably doesn't want to have happen just yet.

    > your 'war' would be over before anyone really cared.

    On the contrary, an openly-hostile and traceable act (like cleanly disconnecting a major nation) would be the first strike in a bigger escalating conflict, as each side accuses the other of being the guy who really started the fight. Throw in a few false-flag operations and stage a few "exposed" false-flag operations, and it's not a very big leap to having a real war with real weapons and real death.

    Frankly, I'd rather just have the political games.

    --
    You do not have a moral or legal right to do absolutely anything you want.
  11. Re:Can we stop pretending this isn't low level war by Anonymous Coward · · Score: 3, Interesting

    I was going to post exactly this ...

    China does bully and take advantage of petty targets and nations that have no way to defend themselves, and the best example of this is their attitude in the China Sea, they are building islands to expand their borders, and all of the nations around can't do anything about it... they are first class bullies... I fail to see how their "cyber-attitude" could be any different.

  12. Re:Can we stop pretending this isn't low level war by Anonymous Coward · · Score: 5, Insightful

    I will just say this: The above post is a lie. I can name plenty of examples to show China's aggression.

    If people remember a few years back, US solar companies getting breached, or breach attempts in large numbers, all from China. Six months later, China started shipping panels that mysteriously had the same IP as the US PV makers... but for costs well under what even the rare earths went for. This destroyed the US PV industry, and it nearly destroyed Europe's until they enacted a tariff to level the playing field (China will give you deep discounts on rare earths... provided their companies do the manufacturing... companies that you have to give all trade secrets to.)

    So, China isn't an angel in any sense of the word. They have been having a lot of border skirmishes with neighbors. They only have MFN because most US companies can't see past next quarter's earnings.

    A DDoS makes sense. Same way someone getting their face decorated with a black eye the first time they hit the prison yard... it sends a message.

  13. Re:Redirect to HTTPS by Chrisq · · Score: 2

    In order to inspect the DDoS traffic to reject it, it has already come in over your internet. If they use all your bandwidth it does not matter if you drop the traffic, you are already dead.

    For large companies Internet providers will install anti-DDOS software at the interconnect point. We have a 1 GBPS connection and whatever anti-DDOS software we had at our end could be relatively easily swamped. Our network provider on the other hand has a huge bandwidth (can't remember what) and swamping their system would be very difficult even for the large botnets.

  14. theory about what *would* happen vs has happened by raymorris · · Score: 2

    > It makes absolutely NO sense for them to flaunt their ability and willingness to do so as the simple course of action the entire rest of the world would take is a simple matter of NULL routing China and going on about their daily business

    It amazes me how many Slashdot posts theorize about what *would* happen, under conditions that *already* have been going on for years. If you said that in 1990, it would be a reasonable prediction, an intelligent guess. After 20 years of attacks, very few networks have blocked China completely. We know what *would* happen, because it's *been* happening for many years.

    PLA Unit 61398 hacked a few low level sites, the US and Europe did nothing. They hacked some smaller companies. The US and Europe did nothing. They started blasting US and European banks and other key targets with constant attacks. A few web sites started blocking Chinese traffic locally. The US and Europe did nothing. They hacked solar companies and started shipping panels based on technology recently developed in the US. A couple of government bureaucrats grumbled. They hacked some shell companies nominally involved in solar, but primarily engaged in federal grants and political donations. The US government indicted their officers, a purely ceremonial exercise - we're not actually going to go get those officers and put them in jail.

    That's what actually HAS happened. Your theory about how the US WOULD respond might have been a reasonable guess in 1990, but it's rather outdated now. Like the arguments about what the results would be from banning guns - the UK DID ban handguns, violent crime did double. It already happened. Pretty silly to make guesses about what you think might happen.

  15. Re:Can we stop pretending this isn't low level war by Coren22 · · Score: 2

    Take a look at the stories about China in the South China Sea. China is blatantly hostile, this is just another of the many hostilities. Also, it appears that they pay people to AC astroturf on /. This is the only explanation I can come up with for the ACs claiming that we don't know it was China when TFA is quite clear on the research that was done to determine how the attack occurred.

    --
    APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  16. Zombie Botnet by DarthVain · · Score: 2

    That could also be about a billion unpatched versions of Zombie XP running DoS attacks as part of a huge Botnet and the only reason it originates from China is the fact that everyone uses pirated unpatched versions of OS there. Just speculating, but that would make sense. Not saying that it isn't a Chinese directed botnet, but it may not be the national government.

  17. Re:They weaponised... by binarylarry · · Score: 2

    So that's where Rob Malda actually went.

    I knew it!

    --
    Mod me down, my New Earth Global Warmingist friends!