On Sunday morning, China's Internet was hit with the largest Denial of Service attack it has ever seen, according to China Internet Network Information Center. The assault, which took down sites like Weibo (the Twitter of China), Amazon.cn, and the Bank of China, resulted in a 32 percent drop in Internet traffic — and nobody knows who did it.
The attacks came in two waves, starting at 2 a.m. and then again at 4 a.m. Denial of service, or DDoS, attacks use malware-infected computers to overwhelm a network by hitting servers with more activity than they can handle, overwhelming websites so that they are rendered inaccessible . Reports say the outages across China lasted somewhere between 2 and 13 hours. It's unclear if the attacks are ongoing, but much of the Internet under the .cn domain is working now, according to The China Real Time Report.
The CNNIC says it will release more information shortly, but so far hasn't confirmed the origin of the attacks. Despite what sounds like a complex take-down of part of China's domain, a single person with little hacking experience could have performed the hack, according to Matthew Prince, the CEO of CloudFlare, which provides Web performance and security services for more than a million websites. "I don’t know how big the 'pipes' of .cn are, but it is not necessarily correct to infer that the attacker in this case had a significant amount of technical sophistication or resources," he told The Wall Street Journal's Paul Mozur Monday afternoon China time. "It may have well have been a single individual."
China could have even DDoS-ed itself. In a report from April this year, China was cited as the top source for hacks of these kinds. It would have been a politically convenient time for China to take down the Internet — especially Weibo, where much of China's public discourse takes place, as Mozur notes. He writes: "The outages come at a sensitive time for the country, with the trial of fallen official Bo Xilai having just ended and a crackdown on social media potentially commentators commencing."
Other culprits include foreign governments, like the United States. (China has accused the American government of hacking more than China allegedly hacks the U.S.) In February, the Chinese government reported an increase in Trojan and botnet attacks against the country, the majority of which came from South Korea, Germany, and the U.S.
Whoever the culprit, the hack shows that China's internet security has holes easy enough for one person to exploit. That's pretty shocking considering the sophistication of its cyber security experts, notes Mozur. "China has one of the most sophisticated filtering systems in the world and analysts rate highly the government’s ability to carry out cyber attacks," he writes. "Despite this, China is not capable of defending itself from an attack."
This article is from the archive of our partner The Wire.