GitHub DDoS attack believed to be of Chinese origin through Baidu

30 Mar 2015

GitHub, a site used as the go-to source for new programs developed by coders, has found itself the target of a major denial of service (DDoS) attack, with many believing China to be at fault.

The site was popular among coders because it is considered somewhere to share ideas and programs freely for anyone to use, which, according to The Wall Street Journal has made itself the target of China in a bid to limit the tools to which they can better censor online anti-government sentiment.

GitHub themselves issued a statement over the weekend saying that the instigators of the attack went with a devastating multi-faceted approach that included both familiar to them and “some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic.”

The statement continued, “Based on reports we’ve received, we believe the intent of this attack is to convince us to remove a specific class of content.”

Attack on attack of censorship

Putting China as the source of the blame is not surprising given that the source of the overwhelming amount of traffic to its servers was found to have been a result of the re-directing of traffic from China’s largest search engine, Baidu, to GitHub which overwhelmed their servers.

To further complicate the location and shutting down of the attack, the Baidu referrals to GitHub’s pages came from those accessing the Chinese search engine from outside China so as to limit GitHub’s ability to contain the problem with automated systems not being able to distinguish multiple national sources as a DDoS attack.

The incident spanned from Thursday, 26 March to Sunday, 29 March and targeted two specific pages that were linking to two websites banned by the Chinese government: The New York Times’ website and Greatfire.org, a website that helps those in China by-pass the government’s censorship on particular websites.

The latter of these site had reported incidents of DDoS attacks directly to their site just under two weeks ago issuing a digital distress signal simply saying, “We are under attack and we need help.”

Both parties whose GitHub links were targeted in the DDoS attacks have refused to comment or speculate on the origin of the attacks.

GitHub logo image via Fumi Yamazaki/Flickr

Colm Gorey was a senior journalist with Silicon Republic

editorial@siliconrepublic.com