Η Κίνα φέρεται να έχει αναβαθμίσει το σύστημα αποκλεισμού ιστοσελίδων, που ονομάζεται από τους ειδικούς Great Firewall, για να μπορεί να εξαπολύει επιθέσεις σε ξένες επιχειρήσεις και οργανισμούς στο διαnetwork through any browser.
Researchers from the University of Toronto, the International Computer Science Institute, the University of Berkeley, and Princeton University, have confirmed the suspicion of too many security researchers: China holds hostage web traffic across the country and neutralizes websites criticism of the authoritarian regime.
Typically, connections to China's web servers go through the state's border routers, which can and do inject malicious JavaScript code into the web pages that are loaded. This malicious code makes the browsers of victims, to silently send multiple requests (DDoS) to selected targets.
So the websites that interest the world end up not working, since they accept a classic Denial of Service attack. In this way, the Chinese government ensures that no one in the world can access it.
Such an attack began last month on the Californian GitHub.com service, which hosts two projects that bypass China's Great Firewall censorship mechanisms.
This aggressive firewall has been dubbed the Great Cannon by researchers, and usually works with hijacks on requests from China's Baidu advertising network. Anyone who visits a website that serves Baidu's ads could inadvertently end up bombing a foreign site that does not appeal to the Chinese authorities.
"In the attack on GitHub and GreatFire.org, the Great Cannon intercepted traffic sent to Baidu infrastructure servers commonly used for analytics, social, or advertising scripts," the researchers said in a blog post.
The researchers point out that Great Cannon and Great Firewall are structured in a very similar way, reports theRegister. They look like downloading traffic from the internet, and how the applications are coming or gone from the country, but also how they are analyzed before any republication or redirection of traffic.
Diagram explaining how Great Cannon works. Credit: CitizenLab.org
(Click to enlarge)
Unlike the Great Firewall, however, Great Cannon works with a much closer focus by watching traffic in only a few specific sites (websites) before injecting the malicious JavaScript code to carry out the distributed denial attack attack.
Researchers believe that behind it Great Cannon the Chinese government is hiding. They note that the Great Cannon but also the Great Firewall are located in facilities operated by state-owned ISPs.
"The development of the Great Cannon is a major change in tactics, and it has very visible consequences," they wrote.
The researchers point out that Great Cannon actually bears a striking resemblance to another platform for web-injection - the QUANTUM tool of NSA and GCHQ which has been used in the past to attack Telco and other websites.
