China is greatly disturbed by the ongoing pro-democracy, anti-Beijing protests in Hong Kong and has been targeting all the digital forums protestors are using to organize protests. One of the favored tactics of the Chinese government is of launching a distributed denial-of-service attack (DDoS attacks).
In September this year, HackRead reported that LIHKG, an online forum used by the activists behind Hong Kong protests suffered a series of DDoS attacks and forced it to go offline for several hours. Now, it has been revealed that it was the Chinese government that used its old and infamous DDoS tool called the Great Cannon to target LIHKG.
According to a report from AT&T Cybersecurity, the attack involving the Great Cannon was launched on August 31 and continued its activities until November 25. Using this tool, the attackers manage to successfully consumer the targeted website’s resources by bombarding it with web traffic.
In a distributed denial-of-service attack (DDoS attack) the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.
Citizen Lab explains that the Great Cannon is more than an extension of the Great Firewall because it is an independent tool that can hijack web traffic from individual IP addresses and “arbitrarily replace unencrypted content as a man-in-the-middle.”
Chris Doman from the Alien Vault business of AT&T Cybersecurity revealed that the LIHKG website is primarily used by protestors for sharing information and planning protests across the SAR region (Special Administrative Region) of China.
The DDoS tool, on the other hand, intercepts the web traffic from Chinese websites and injects malicious codes to force users’ devices to make a large number of web requests against the website that is being targeted as well as other sites and memes appearing on the forum.