China claims it is a cyber victim as GitHub DDoS rolls on

The Chinese government has failed to deny claims that it is behind the distributed denial-of-service attack on GitHub, with the attack close to entering its 120th hour.
Written by Chris Duckett, Contributor

GitHub said its defences are holding against a sustained distributed denial-of-service (DDoS) attack that began on March 26.

The attack is aimed at two GitHub repositories -- GreatFire, which releases tools and hosts mirrors of banned sites to help Chinese citizens circumvent the county's stringent censorship controls, and cn-nytimes, which mirrors content from The New York Times' Chinese-language site -- and is reportedly being conducted by replacing JavaScript on Baidu, China's most popular search engine, with a script that directs traffic at GitHub.

It has been speculated that the Chinese government is behind the attack, a claim that China's Foreign Ministry spokesperson Hua Chunying did not deny in a press conference yesterday.

"It is quite odd that every time a website in the US or any other country is under attack, there will be speculation that Chinese hackers are behind it," Hua said.

"I'd like to remind you that China is one of the major victims of cyber attacks.

"We have been underlining that China hopes to work with the international community to speed up the making of international rules and jointly keep the cyberspace peaceful, secure, open and cooperative. It is hoped that all parties can work in concert to address hacker attacks in a positive and constructive manner."

Security researcher Richard Bejtlich blamed the Chinese government for the attacks.

"Even if somehow this is not a state-executed or state-ordered attack, according to the spectrum of state responsibility, the Chinese government is clearly responsible in one form or another," Bejtlich said in a blog post.

GreatFire said in a statement that it believes the attacks are related and come from the Chinese government.

Despite the attack, GitHub has said that its systems have been operating properly for the past day, but that it remains on high alert.

With AAP

Editorial standards