Great Cannon Of China
   HOME

TheInfoList



Click Here for Items Related To - Great Cannon Of China
OR:
Great Cannon Of China on:   [Wikipedia]   [Google]   [Amazon]

The Great Cannon of China is an
Internet The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a '' network of networks'' that consists of private, pub ...
attack tool that is used by the
Chinese government The Government of the People's Republic of China () is an authoritarian political system in the People's Republic of China under the exclusive political leadership of the Chinese Communist Party (CCP). It consists of legislative, executive, m ...
to launch
distributed denial-of-service attack In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connec ...
s on websites by performing a
man-in-the-middle attack In cryptography and computer security, a man-in-the-middle, monster-in-the-middle, machine-in-the-middle, monkey-in-the-middle, meddler-in-the-middle, manipulator-in-the-middle (MITM), person-in-the-middle (PITM) or adversary-in-the-middle (AiTM) ...
on large amounts of
web traffic Web traffic is the data sent and received by visitors to a website. Since the mid-1990s, web traffic has been the largest portion of Internet traffic. Sites monitor the incoming and outgoing traffic to see which parts or pages of their site are ...
and injecting code which causes the end-user's web browsers to flood traffic to targeted websites. According to the researchers at the
Citizen Lab The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs at the University of Toronto, Canada. It was founded by Ronald Deibert in 2001. The laboratory studies information controls that impact the openness ...
, the
International Computer Science Institute The International Computer Science Institute (ICSI) is an independent, non-profit research organization located in Berkeley, California, United States. Since its founding in 1988, ICSI has maintained an affiliation agreement with the University ...
, and
Princeton University Princeton University is a private research university in Princeton, New Jersey. Founded in 1746 in Elizabeth as the College of New Jersey, Princeton is the fourth-oldest institution of higher education in the United States and one of the ...
's Center for Information Technology Policy, who coined the term, the Great Cannon hijacks foreign web traffic intended for Chinese websites and re-purposes them to flood targeted
web servers A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initiates ...
with enormous amounts of traffic in an attempt to disrupt their operations. While it is co-located with the
Great Firewall The Great Firewall (''GFW''; ) is the combination of legislative actions and technologies enforced by the People's Republic of China to regulate the Internet domestically. Its role in internet censorship in China is to block access to selected for ...
, the Great Cannon is "a separate offensive system, with different capabilities and design." Besides launching denial-of-service attacks, the tool is also capable of monitoring web traffic and distributing malware in targeted attacks in ways that are similar to the Quantum Insert system used by the U.S.
National Security Agency The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collect ...
.


Mechanism

The Great Cannon hijacks insecure traffic inbound to servers within the Great Firewall, and injects
JavaScript JavaScript (), often abbreviated as JS, is a programming language that is one of the core technologies of the World Wide Web, alongside HTML and CSS. As of 2022, 98% of websites use JavaScript on the client side for webpage behavior, of ...
that redirects that traffic to the target. These attacks fail when websites have
HTTPS Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is enc ...
encryption.


Known uses

The first known targets of the Great Cannon (in late March 2015) were websites hosting censorship-evading tools, including
GitHub GitHub, Inc. () is an Internet hosting service for software development and version control using Git. It provides the distributed version control of Git plus access control, bug tracking, software feature requests, task management, continu ...
, a web-based code hosting service, and
GreatFire GreatFire (GreatFire.org) is a website that monitors the status of websites censored by the Great Firewall of China and helps Chinese Internet users circumvent the censorship and blockage of websites in China. Through an investigation by the Asso ...
, a service monitoring blocked websites in China. In 2017, the Great Cannon was used to attack the
Mingjing News Mingjing News ( zh, 明鏡新聞) is a New York-based Chinese-language news website owned by Mirror Media Group. Its editor-in-chief is Ho Pin. Stories broken by Mingjing News include predicting appointments to the Chinese Communist Party's Pol ...
website. , the Great Cannon was being used to attempt to take down the
Hong Kong Hong Kong ( (US) or (UK); , ), officially the Hong Kong Special Administrative Region of the People's Republic of China (abbr. Hong Kong SAR or HKSAR), is a city and special administrative region of China on the eastern Pearl River Delta i ...
-based
LIHKG LIHKG ( zh, t=連登, cy=Lìhn dāng) is a multi-category forum website based in Hong Kong. The website has gained popularity since the launch in 2016, and is often referred to as the Hong Kong version of Reddit. Threads with more up-votes and r ...
online forum, even though the
Basic Law of Hong Kong The Basic Law of the Hong Kong Special Administrative Region of the People's Republic of China is a national law of China that serves as the organic law for the Hong Kong Special Administrative Region (HKSAR). Comprising nine chapters, 160 ar ...
clearly states that Hong Kong's internet is the affairs of Hong Kong and Hong Kong only.


Reaction

''
Quartz Quartz is a hard, crystalline mineral composed of silica ( silicon dioxide). The atoms are linked in a continuous framework of SiO4 silicon-oxygen tetrahedra, with each oxygen being shared between two tetrahedra, giving an overall chemical ...
'' reported that the 2015 GitHub attack caused "severe" political problems for China, including the
United States Department of State The United States Department of State (DOS), or State Department, is an United States federal executive departments, executive department of the Federal government of the United States, U.S. federal government responsible for the country's fore ...
viewing it as "an attack against US infrastructure".


See also

* Internet censorship in China


References

{{China national security Cyberwarfare Denial-of-service attacks Internet censorship in China Political repression in China Hacking (computer security) Espionage Botnets