China accuses hackers for Internet disruption; experts suspect censors

Posted: January 23, 2014 at 12:45 am

A mysterious glitch in China led to one of the biggest-ever Internet blackouts on Tuesday, forcing massive volumes of Chinese Web traffic to U.S. servers belonging to a firm with a long history of protesting the government in Beijing and evading its censors.

The disruption, which crippled service for most of Chinas roughly 600 million Internet users, began abount 3 p.m. in Beijing (2a.m. EST) and lasted as long as eight hours, according to Compuware, a Detroit-based firm that monitors Web performance.

The official China Internet Network Information Center said the disruption was probably the result of a hacking attack, but Internet experts said that the cause appears to have been a flawed effort by Chinese Web censors part of what is known as the Great Firewall of China to block sites the government deems subversive.

But instead of censoring, the government appears to have momentarily shut down much of the countrys access to the Internet by mistakenly directing all of that Web traffic to servers controlled by Dynamic Internet Technology, a U.S. software company founded by anti-censorship activist Bill Xia.

Xia said in an e-mail that the disruption, which crashed his servers, was caused by Chinas hijacking system, which is part of Chinas Great Firewall. Xia, who moved to the United States from China in the late 1990s, sells software and services to Voice of America, Radio Free Asia, the U.S.-based organization Human Rights in China and Epoch Times, a newspaper published by the Falun Gong religious group.

This incident both communicates the fragility of the Chinese Internet but it also reminds us how robust and resilient their censorship has been, said James Mulvenon, director of Defense Group Inc.s center for intelligence research and analysis.

The Great Firewall works in myriad ways to control what Chinese Internet users can see online, from obstructing searches on sensitive topics such as the 1989 Tiananmen Square protests to blocking entire Web sites, such as social media sites Facebook and Twitter.

The Chinese government blocks sites by exploiting a weakness in the infrastructure of the Internet. Lets say a user is trying to reach a site by entering the domain name for instance, Facebook.com into a browser. Ordinarily, that request gets sent to whats known as a DNS server, which matches the domain name to an IP address, a series of digits that computers can use to identify each other.

Internet experts say Chinas Great Firewall works by redirecting traffic to erroneous or fake IP addresses. But in the case of Tuesdays glitch, something seemed to go wrong.

A massive amount of traffic was diverted to 65.49.2.178, an IP address affiliated with Xias Dynamic Internet Technology, a group whose work is routinely censored by the Chinese government.

See original here:
China accuses hackers for Internet disruption; experts suspect censors

Related Posts