The attack began at 2 a.m. Sunday morning and was followed by a more intense attack at 4 a.m., according to the China Internet Network Information Center, which apologized to affected users in its statement and said it is working to improve its “service capabilities.”
The attack, which was aimed at the registry that allows users to access sites with the extension “.cn,” likely shut down the registry for about two to four hours, according to CloudFlare, a company that provides Web performance and security services for more than a million websites. Though the registry was down, many service providers store a record of parts of the registry for a set period of time, meaning that the outage only affected a portion of websites for some users.
Denial-of-service attacks cause disruptions by overwhelming a computer or network with a high level of online activity. Usually the attacks originate from networks of computers that have been hijacked by malware or viruses.
CloudFlare Chief Executive Matthew Prince said the company observed a 32% drop in traffic for the thousands of Chinese domains on the company’s network during the attack compared with the same time 24 hours earlier.
“That’s likely representative of the overall drop in traffic generally,” he wrote in an email.
Though the outages come at a sensitive time for the country, with the trial of fallen official Bo Xilai having just ended and a crackdown on social media potentially commentators commencing, the attack is perhaps more an indicator of just how susceptible the global Internet infrastructure is to these types of attacks.
China has one of the most sophisticated filtering systems in the world and analysts rate highly the government’s ability to carry out cyber attacks. Despite this, China is not capable of defending itself from an attack, which CloudFlare says could have been carried out by a single individual.
Nor for that matter are an array of companies and governments that have been hit recently by such denial-of-service attacks.
“I don’t know how big the ‘pipes’ of .cn are, but it is not necessarily correct to infer that the attacker in this case had a significant amount of technical sophistication or resources,” Mr. Prince wrote, adding, “It may have well have been a single individual.”Source: China Real Time Report – WSJ “Denial-of-Service Attack Shut Down Chinese Internet on Sunday Morning” – Paul Mozur
- China asks US to explain Internet surveillance (chinadailymail.com)
- Chinese Web Sites Go Down in Denial-of-Service Attack (sci-tech-today.com)
- Internet in China Hit By Denial Of Service Attack (sporkings.com)
- China Hit by ‘Largest Ever’ Hack Attack (voanews.com)
- Parts of China’s Internet were taken offline by denial-of-service attacks (thenextweb.com)
- Who’s Behind the “Biggest Cyberattack” in China’s History (punditfromanotherplanet.com)
- China’s internet registry suffers ‘largest ever’ attack (stuff.co.nz)
- .cn down as cybercrims hit China (smh.com.au)
- Chinese domains downed by ‘largest ever’ cyber-attack (independent.co.uk)
- How does a denial-of-service attack work? (economist.com)
- China Hit by Cyber Attack? Say it ain’t so (tradethenewsroom.com)