Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Network Security / China's New Web Censorship Weapon
China Reportedly Deploys New Internet Censorship Weapon
China Reportedly Deploys New Internet Censorship Weapon
By Jef Cozza / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
It's dubbed the "Great Cannon," and it's China's new offensive digital weapon capable of shutting down Web sites across the globe, according to a report released Friday. The weapon has already been implicated in two attacks made last month on systems located outside China.

The weapon, which was so named to distinguish its purpose and capabilities from China’s well-known censorship tool, the “Great Firewall,” mounts distributed denial of service (DDoS) attacks to take down its targets. According to the report, the Great Cannon delivers exploits targeting any foreign computer that communicates with any China-based Web site not fully utilizing HTTPS. The weapon was used to attack and GitHub last month by injecting malicious Javascript into Baidu connections.

Escalating the War

Researchers who analyzed the new system described it as “a significant escalation in state-level information control: the normalization of widespread use of an attack tool to enforce censorship by weaponizing users.” The report is the work of the Citizen Lab, an interdisciplinary laboratory based at the University of Toronto focusing on information technology. Researchers at Princeton and the University of California, Berkeley, also collaborated on the report.

The Great Cannon is able to manipulate the traffic of “bystander” systems outside China, silently programming their browsers to create massive DDoS attacks. “The Great Cannon is not simply an extension of the Great Firewall, but a distinct attack tool that hijacks traffic to (or presumably from) individual IP addresses, and can arbitrarily replace unencrypted content as a man-in-the-middle,” the Citizen Lab reported.

The Great Firewall works by spying on traffic between systems located in China and others located abroad, and terminating requests for banned content by injecting forged TCP reset packages that tell the two systems to stop communicating with each other. The Great Cannon, on the other hand, does not actively monitor all traffic, but only focuses on traffic to specific sets of IP addresses.

A Powerful New Weapon

The Citizen Lab said that the Great Cannon is co-located with the Great Firewall, and both use similar source code. Those two facts strongly suggest that the Chinese government is behind the attacks. China has also previously described GreatFire, one of the Great Cannon’s targets, as a “foreign anti-Chinese organization.”

GitHub, meanwhile, has repositories of software that help users circumvent censorship technology. China had previously blocked GitHub, but was forced to backtrack after negative reactions from local programmers.

The true significance of the Great Cannon may yet to be realized, according to the Citizen Lab. The Cannon’s ability to mount attacks by IP addresses could represent a major new ability to launch cyberattacks. Specifically, it can deliver malware to targeted individuals who communicate with any Chinese server that is not employing cryptographic protections. Targets would not necessarily realize that their computers were communicating with Chinese servers, as non-Chinese Web sites located outside China could (for example) serve ads ultimately sourced from Chinese servers.

It would also be straightforward for China to intercept unencrypted e-mails to or from target IP addresses and undetectably replace any legitimate attachments with malicious payloads, manipulating e-mails sent from China to outside destinations.

Those capabilities put the Chinese government in the company of the only other two organizations known to have tampered with unencrypted Internet traffic to control information or launch attacks: the NSA (National Security Agency) and its U.K. counterpart, the GCHQ (Government Communications Headquarters).

Tell Us What You Think


W. Sue:
Posted: 2015-04-10 @ 5:49pm PT
Wall and cannon, looks like a medieval scene

Like Us on FacebookFollow Us on Twitter
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.