China blames Internet outage on hacking attack
Two-thirds of the websites in China were briefly inaccessible on Tuesday
IDG News Service - Tuesday's Internet outage in China is dividing experts over what caused the networking error, with authorities calling it a hacking attack, and others blaming it on the country's censorship systems.
The outage briefly crippled the Internet in China, with many local websites inaccessible to users. User traffic was mysteriously redirected to a U.S.-based IP address belonging to a company that has hosted software capable of circumventing China's online censorship.
The networking error, which only lasted a few hours, affected at least two-thirds of China's websites, according to Qihoo 360, a software security vendor in the country.
On Wednesday, local authorities said a preliminary investigation found that a hacking attack caused the outage. China's National Computer Network Emergency Response Technical Team is continuing to investigate the matter.
On the same day, China's state-controlled Xinhua News Agency published a story quoting security experts whodemanded authorities do more to protect the nation's Internet infrastructure.
Others experts, however, believe the error may have been caused by a glitch in China's notorious censorship systems, also known as "The Great Firewall."
China routinely blocks sites with content critical of the nation's government, including Facebook, Twitter, and The New York Times. Tuesday's Internet outage, however, rerouted traffic to an IP address belonging to Dynamic Internet Technology, a U.S. company whose site is also blocked by authorities.
The company's CEO Bill Xia said in an email that Dynamic Internet Technology had no hand in Tuesday's outage. Instead, he claimed China's own censorship systems were at play.
The company's clients include The Epoch Times, a publication banned in China. It also hosts Freegate software that can help Chinese Internet users view sites blocked in the country.
In the past, China's censors have blocked the company's sites with domain name system (DNS) hijacking. This is done by targeting domains like Epochtimes.com, and funneling their users to the wrong IP address, Xia said.
"This time, the DNS hijacking system targeted all domains instead for a few hours, thus the break down," he added.
Others experts in China suspect the same.
Speculation is growing that hackers hijacked a root DNS (Domain Name System) server in China to reroute all user traffic, said GreatFire.org, a group that monitors China's Internet and opposes the nation's censorship.
But in a Wednesday posting, GreatFire.org dismissed such claims, noting that a public DNS server operated by Google had also been affected by the networking error. During the outage, users trying to access the Google DNS server from China were also rerouted to the IP address from Dynamic Internet Technology.
"Some are suggesting Dynamic Internet Technology is behind the outage. However, hacking into a root DNS resolver is not enough to cause this outage," the group said. "They have to hack into GFW (The Great Firewall)."
Instead, authorities may have tried to block DIT's IP address, but accidentally ended up rerouting all the nation's traffic to the address, the group added.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- How WAN Optimization Helps Enterprises Reduce Costs If you wanted to break down innovation into a tidy equation, it might go something like this: Technology + Connectivity = Productivity. Productivity...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Cyberwarfare White Papers | Webcasts