The Attack on GitHub Must Stop

For many years, private organizations in the West have endured attacks by the Chinese government, its proxies, and other parties. These intruders infiltrated private organizations to steal data. Those not associated with the targeted organizations were generally not directly affected.

Today an action by the Chinese government is affecting millions of users around the world. This is unacceptable.

You may be aware that an American technology company, GitHub, is suffering a massive distributed denial of service attack, at the time of writing.

According to Insight Labs, Internet traffic within China is being manipulated, such that users are essentially attacking GitHub. They are unwittingly requesting two sites hosted by GitHub. The first is a mirror of the Chinese edition of the New York Times (blocked for several years). The other is a mirror of the GreatFire.org Web site, devoted to discovering and exposing Internet filtering by China's "Great Firewall."

As noted in this Motherboard story, it's unlikely a party other than the Chinese government could sustain this attack, given the nature of the traffic injection within the country's routing infrastructure. Even if somehow this is not a state-executed or state-ordered attack, according to the spectrum of state responsibility, the Chinese government is clearly responsible in one form or another.

It is reprehensible that the censorship policies and actions of a nation-state are affecting "over 3.4 million users and with 16.7 million repositories... the largest code host in the world." (Source)

The Chinese government is forcing GitHub to expend its private resources in order to continue serving its customers. I call on the US government, and like-minded governments and their associates, to tell the Chinese to immediately stop this activity. I also believe companies like IBM, who are signing massive IT deals with "Chinese partners," should reconsider these associations.

Comments

Alex L said…
This is an assault on free speech that extends well beyond Chinese borders. Congratulations to GitHub and GreatFire.org for defending themselves so well and not caving

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics