China websites suffer breach in suspected attack

China websites suffer breach in suspected attack

Summary: Online users in the country were redirected to a webpage operated by a U.S. tech company which clients include The Epoch Times, a newspaper run by the Falun Gong religious group which is outlawed in China.

TOPICS: Security, China

Several websites in China on Tuesday afternoon were redirected to a blank webpage operated by a U.S. technology company, in what was suspected to be a DNS attack.

Online users in the country were unable to access any website hosted on the mainland or overseas with top-level domains such as ".com", ".net", and ".org", according to a South China Morning Post (SCMP) report, which cited incidents reported by several major ISPs (internet service providers). Web addresses ending in the ".cn" country code were unaffected. 

The problem was resolved within an hour, but continued to affect online users who accessed cached copies of the webpages.

Affected users were redirected to a website operated by Dynamic Internet Technology, a U.S. company that provides a software tool, called Freegate, which allows online users to access websites blocked by their governments, such as China, Syria, and Vietnam. According to the company's website, its clients include The Epoch Times, a newspaper run by the Falun Gong religious group, which is banned in China, as well as Radio Free Asia and Human Rights In China. 

Dynamic Internet Technology's president, Bill Xia, confirmed it owned the web address of the redirected site, but insisted the incident was the result of the Chinese government's online filtering system which backfired. Xia told SCMP: "We noticed a sudden increase of traffic and suspected we were under attack. Our security system has activated a protection mechanism so visitors to the address are not able to see anything."

He suggested a DNS malfunction or operator error might have redirected online users to banned IP addresses such as his company's, pointing to a 2002 incident during which visitors to Sina's website were redirected to Falun Gong's website. "I guess [Beijing's]…DNS hijacking backfired again," Xia said.

IT security vendors suggested the incident could have been a cyberattack, while a local ISP described the scale of it as unprecedented for mainland China. 

According to other local reports, the problem affected root gTLD servers in China which served up to two-third of websites in the country, but did not affected overseas online users. 

The Chinese government just this week mandated that online users register with their real names before they are allowed to upload videos to local video websites, expanding further controls on the types of content posted online. In 2012, it ordered microbloggers or weibo users to register their accounts with their real names, and last year extended this requirement to include prepaid mobile Internet cards and fixed-line phone services

China's online population has climbed to over 618 million, with almost 250 million accessing the Web to watch or download video content via their smartphones. 

Topics: Security, China


Eileen Yu began covering the IT industry when Asynchronous Transfer Mode was still hip and e-commerce was the new buzzword. Currently a freelance blogger and content specialist based in Singapore, she has over 16 years of industry experience with various publications including ZDNet, IDG, and Singapore Press Holdings.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


1 comment
Log in or register to join the discussion
  • Nothing new in China

    The Internet erratic behaviour in China is nothing new. I spend the last two years in Shanghai, and more years working there, and there is nothing like a coherence: Sites partially or totally blocked, redirection to nowhere or odd sites, slow email transfers, https sites blocked, JPL site blocked but NASA available. It is a daily battle to access services outside China, full of changes and surprise. I can't explain many of these events but by a miss-management of the massive Great Internet Wall of China. What is it clear is that the control have been strengthened during the past two years, more service blocked or disrupted, often for the benefit of the local companies (Tecent for example). It is not only a political censorship but also economical protectionnisme. For the small story last week the posts containing "censor" and all the derivatives of this world have been banned and removed from all the social medias.