Η China φέρεται να έχει αναβαθμίσει το σύστημα αποκλεισμού ιστοσελίδων, που ονομάζεται από τους ειδικούς Great Firewall, για να μπορεί να εξαπολύει επιθέσεις σε ξένες επιχειρήσεις και οργανισμούς στο Internet through any browser.
Researchers from the University of Toronto, the International Computer Science Institute, the University of Berkeley, and Princeton University, have confirmed the suspicion of too many security researchers: China holds hostage web traffic across the country and neutralizes websites criticism of the authoritarian regime.
Typically, the links to its web servers China περνάνε μέσω των συνοριακών δρομολογητών (routers) του κράτους, οι οποίοι μπορούν και πραγματοποιούν έγχυση κακόβουλου code JavaScript in the web pages that are loaded. This malicious code causes victims' browsers to silently send multiple requests (DDoS) to selected targets.
So the websites that interest the world end up not working, since they accept a classic Denial of Service attack. In this way, the Chinese government ensures that no one in the world can access it.
Such an attack began last month on the Californian GitHub.com service, which hosts two projects that bypass China's Great Firewall censorship mechanisms.
This aggressive firewall has been named Great Cannon) από τους ερευνητές, και συνήθως λειτουργεί με hijacks στις αιτήσεις από το δίκτυο διαφήμισης Baidu της Κίνας. Όποιος επισκέπτεται μια ιστοσελίδα που σερβίρει τις διαφημίσεις του Baidu, θα μπορούσε να καταλήξει άθελά του να βομβαρδίζει ένα ξένο site που δεν αρέσει στις κινέζικες αρχές.
"In the attack on GitHub and GreatFire.org, the Great Cannon intercepted traffic sent to Baidu infrastructure servers commonly used for analytics, social, or advertising scripts," the researchers said in a blog post.
The researchers point out that Great Cannon and Great Firewall are structured in a very similar way, reports theRegister. They look like downloading traffic from the internet, and how the applications are coming or gone from the country, but also how they are analyzed before any republication or redirection of traffic.
Diagram explaining how Great Cannon works. Credit: CitizenLab.org
(Click to enlarge)
Unlike the Great Firewall, however, Great Cannon works with a much closer focus by watching traffic in only a few specific sites (websites) before injecting the malicious JavaScript code to carry out the distributed denial attack attack.
Researchers believe that behind it Great Cannon the Chinese government is hiding. They note that the Great Cannon but also the Great Firewall are located in facilities operated by state-owned ISPs.
"The development of the Great Cannon is a major change in tactics, and it has very visible consequences," they wrote.
Researchers point out that the Great Cannon really bears a striking resemblance to another web-injection platform - the QUANTUM tool of NSA and GCHQ which has been used in the past to attack Telco and other websites.
