Washington Post An unknown party hijacked widely used tools developed by Baidu, the largest search engine in China, this week in an apparent attempt to target online software used to get around Chinese censorship. By Andrea Peterson
'The assailants injected malicious code into the tools Baidu uses to
serve ads on a wide range of Chinese Web sites and to provide analytics
for Web developers, according to researchers. The code instructed the
browsers of visitors to those sites to rapidly connect to other sites,
but in a way that the visitors couldn't detect. That sent a flood of
traffic to two anti-censorship tools offered by the group GreatFire
hosted on GitHub, a popular site used by programmers to collaborate on
software development. One of the tools targeted by the
attack effectively allows Chinese users to access a translated version
of the New York Times.
'At times the attack made GitHub, which is used by programmers around the world and the U.S. government itself, unavailable for some users.
'GitHub was briefly blocked inside
China in 2013, but reinstated after an outcry from programmers. Because
GitHub uses encryption to hide specific parts of the site, the Chinese
government cannot selectively block only some of GitHub's content. But
blocking the site wholesale could be damaging to China's economy
because it is so widely used by the tech industry.
'GreatFire reported its own site was the subject of a similar traffic flooding attack earlier this month.
determining the entities behind these types of attacks is difficult,
the Chinese government would be an obvious culprit, said James A. Lewis,
a senior fellow at the Center for Strategic and International
Studies. "The only people who would really benefit from it would be
China," he said. Using such a bold tactic to attack content it dislikes
seems to be either a way for the government to send a message or test
out new capabilities, he said.'