China using ‘Great Cannon’ to launch DDoS censorship attacks

The “Great Cannon” has joined the “Great Firewall” in the Chinese government’s arsenal of weapons against free speech in the Asian country.

Researchers at the University of Toronto have discovered the Great Cannon after coding site GitHub was grounded by a distributed denial of service attack (DDoS). The attack particularly focused on users of the site with a history of trying to circumvent China’s censorship programmes: the New York Times’ Chinese mirror and GreatFire.org.

Read more: China the source of almost half of all online attacks

Bill Marczak from the University of Toronto believes the DDoS attack demonstrates a new method of online censorship in China.

“While the attack infrastructure is co-located with the Great Firewall, the attack was carried out by a separate offensive system, with different capabilities and design, that we term the ‘Great Cannon’,” he told the Guardian.

“The Great Cannon is not simply an extension of the Great Firewall, but a distinct attack tool that hijacks traffic to (or presumably from) individual IP addresses, and can arbitrarily replace unencrypted content as a man-in-the-middle.”

Previously, China has relied on more passive forms of online censorship like its so-called Great Firewall, but the Great Cannon does much more than simply block access to sites. It actively intercepts and redirects traffic to China’s largest search engine Baidu and uses it to overwhelm target sites – in this case GitHub.

As both the Great Cannon and the Great Firewall are hosted on the same servers and share source code, it is believed that they are both operated by the Chinese government. If true, the launch of the Great Cannon would mark a hostile change in tactics for Chinese censorship.

In addition, while the only known target so far has been GitHub, the Great Cannon could potentially be used to target specific individuals located outside China, providing they connect with a Chinese server without cryptographic protections. Researchers believe that the technology may be employed to tackle “what the Chinese government perceives as US hegemony in cyberspace.”

Read more: China admits having cyber warfare divisions

Although other governments have been found interfering with unencrypted Internet traffic previously, including the UK’s through the use of QUANTUM by the GCHQ, China’s Great Cannon is the first instance where little or no attempt has been made to hide their actions.