The collaborative programming site GitHub has been hit by a sustained denial of service attack over the weekend, with suggestions that China may be behind it. While not entirely clear, it’s thought that the reasoning may be to shut down projects designed to circumvent Chinese censorship tools.
At last count late yesterday, the DDOS attack had been ongoing for almost 90 hours, with this representing the largest attack the site has suffered since its founding in 2008. Traffic hitting the site appears to be coming from international users visiting the Chinese search engine Baidu, with their results and subsequent navigation sending them first to GitHub, with then overloaded the site.
It’s only ‘better together’ when there aren’t millions of extra Baidu users
As the WSJ points out in a quote from a security firm analyst, it’s been suggested that the Chinese government must have had some involvement in the attack, since it would be very easy for it to manipulate traffic to crash sites and servers. However, the only statement so far has come from Baidu and it denies any involvement, but it’s not clear whether that backs up current theories of who’s responsible or throws a spanner in their works.
GitHub appears operational and reachable at the time of writing, with the site administrators saying yesterday that they had managed to mitigate much of the damage done by the attack.
If China’s authorities did turn out to be responsible for this DDOS abuse, it wouldn’t be the first time. Back in 2013 it initiated a sanctioned block of the domain, but after Chinese software developers complained it rescinded the order.
Discuss on our Facebook page, HERE.
KitGuru Says: This seems like a strange tactic to employ, as it’s unlikely to be a lasting solution. Perhaps it’s just a case of China flexing its digital attack muscles?