Google says Chinese Great Cannon shows need to encrypt web

  • -

Google says Chinese Great Cannon shows need to encrypt web

Category : CyberCrime , DataBreach

Summary:The large DDoS attack on GitHub and Greatfire that occurred over March and April would not have been possible with encrypted web traffic, Google has said.

For a month and a half, China’s new Great Cannon attack injected HTML and JavaScript aimed at flooding GitHub and Greatfire.org servers into web requests to popular Chinese search engine Baidu.

Described at the time as a significant escalation of state-level information control and a censorship tool powered by weaponising users, Google said on the weekend that the attack would not have been possible if the web had embraced moves to encrypt its transport layers.

“This provides further motivation for transitioning the web to encrypted and integrity-protected communication,” Google security engineer Niels Provos said in a blog post. “Unfortunately, defending against such an attack is not easy for website operators.”

According to Google, on March 25, the attack switched from Greatfire to Github.

“The attack against GitHub seems to have stopped on April 7th, 2015, and marks the last time we saw injections during our measurement period,” Provos said.

During the attack, 19 different JavaScript replacement payloads were detected, and although Google said it was unable to determine a number for different HTML attacks, the payloads were similar.

Provos said that although Google’s Safe Browsing analysis was limited to HTTP, and therefore could not be pinned on anyone, it showed that hiding such attacks is difficult.

“Another hope is that the external visibility of this attack will serve as a deterrent in the future,” he said.

Article: ZDNET


About Author

Tamara Eikelenboom-Kamp

Tamara Eikelenboom-Kamp

Tamara Eikelenboom-Kamp is managing director at Innovice-IT. She is mainly publishing about CyberSecurity. She is working with several specialists based on their knowledge and skills in cyber-security and cyber-safety. The emphasis is on conceptual thinking, developing plans, innovative software or innovative methods. The main activities of Innovice-IT are Cyber Security Consulting, Penetration Testing and Secure Managed Hosting.

Search

Innovice-IT on Twitter

  1. Bas Eikelenboom
    Bas Eikelenboom: RT @InfoSecHotSpot: Unfilled cybersecurity jobs are expected to reach 1.8 million by 2022, up 20 percent from 1.5 million in 2015, accordin…

  2. Bas Eikelenboom

  3. Bas Eikelenboom
    Bas Eikelenboom: RT @RidT: A few observations on today's "online escalation" New York Times story. I see lots of people making assumptions and jumping to co…

  4. Bas Eikelenboom
    Bas Eikelenboom: RT @bellingcat: Bellingcat's @Timmi_Allen put together the following video demonstrating how various images of the Kokuka Courageous match…

  5. Bas Eikelenboom
    Bas Eikelenboom: RT @InfoSecHotSpot: AI and 5G will create an explosion in cybersecurity risks, says FBI agent and general counsel at $50 billion firm https…

Archive

Categories