IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Github falls victim to possible Chinese cyber attack

Coding site hit by ongoing DDoS, experts suspect Chinese involvement

binary on a screen with words 'hacking attack'

Coding repository Github has been hit by a mammoth cyber attack, which is believed to be ongoing. 

The website, which is primarily used by developers and software engineers as a platform to store and distribute source code, has been experiencing large-scale Dedicated Denial of Service (or DDoS) attacks, which analysts believe are Chinese in origin.

Github has stated that it believes that "the intent of this attack is to convince us to remove a specific class of content". However, while it has not disclosed what it thinks might be behind the attack, experts have noted that the site is used by many Chinese coders to host tools which circumvent the country's notorious internet censorship.

The cyber attacks hitting the website have largely stemmed from visitors to Chinese Google equivalent Baidu.com being redirected to Github. The search engine has disavowed any connections to the attack, saying it will "get to the bottom of this".

The tactics used in this particular DDoS have been remarkably thorough. While well-known DDoS-ers Anonymous uses mob logic and sheer force of numbers to overwhelm sites, the attack on Github has used "a wide combination of attack vectors" including "sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people".

One of the primary targets of the Github attack is anti-censorship organisation GreatFire, which hosts its firewall bypass tools on Github. The group has clashed with Chinese authorities before, calling repeatedly for security certificates issued by the Chinese Internet Network Information Centre to be revoked and classified as untrusted.

Hacking

This follows a spate of repeated cyberattacks on the likes of Outlook, Google, Microsoft and more. GreatFire says it has "concrete proof" that China was behind these attacks, citing a Google blog post highlighting the issue of unauthorised certificates.

These links have led some experts to theorise that the Chinese People Liberation Army is behind these hacks. While Github is too valuable a resource to the rapidly-expanding Chinese tech industry to be blocked entirely, it is being speculated that these outages are China's attempt to strong-arm Github's moderators into removing anti-censorship content belonging to GreatFire and others.

This attack bears some marked similarities to the Sony Pictures hack late last year, which was seemingly prompted by negative depictions of North Korean leader Kim Jong Un in The Interview. While the country's military stridently denied any involvement, there were suspicions in many camps that the hacks were allegedly sanctioned by the Korean Government.

Whether or not this is the case, some suggest that China saw the success of the Sony hacks and opted for a similar strategy. It's something the Chinese have been accused of before, and if the cyber attacks currently plaguing Github are Chinese in origin, it could be a sign that cyber terrorism is now seen as a viable method of intimidation.

At time of writing, Github is still online. However, the attack continues, and the cost of holding out against a cyber siege for five days (and counting) is likely to be taking its toll on the websites coffers. It's currently unknown whether the site will cave to the sustained pressure and block GreatFire and its ilk, or if that's even the aim of the attacks.

Is your business prepared for new EU cyber security regulations? This whitepaper offers advice, insight and guidance on what to do next. Read it today here

Featured Resources

Big data for finance

How to leverage big data analytics and AI in the finance sector

Free Download

Ten critical factors for cloud analytics success

Cloud-native, intelligent, and automated data management strategies to accelerate time to value and ROI

Free Download

Remove barriers and reconnect with your customers

The $260 billion dollar friction problem businesses don't know they have

Free Download

The future of work is already here. Now’s the time to secure it.

Robust security to protect and enable your business

Free Download

Most Popular

Why collaboration is key to digital transformation
Sponsored

Why collaboration is key to digital transformation

13 Sep 2022
Anonymous hacks Iranian government and state broadcasters
cyber attacks

Anonymous hacks Iranian government and state broadcasters

22 Sep 2022
What your hybrid workforce needs from their laptops
Advertisement Feature

What your hybrid workforce needs from their laptops

21 Sep 2022