Cyberattack Suspected for Major Internet Outage

Yesterday, all websites without a .cn top-level domain were temporarily inaccessible by web users in mainland China. Any attempts to access sites with common top-level domains directed users to the website for Dynamic Internet Technology, a technology firm with ties to the Falun Gong organization. The South China Morning Post reports on conflicting theories as to the cause of yesterday’s temporary Internet outage:

Beginning at 3pm, users could not access any website, either hosted on the mainland or overseas, with top-level domains such as .com.net and .org including Sina Weibo, according to several major internet service providers. Web addresses with the .cn country code were not affected.

[...] [Dynamic Internet Technology] Company president Bill Xia confirmed to the South China Morning Post the web address belonged to them. But he believed the incident was a backfiring of the government’s own web censoring system. “We noticed a sudden increase of traffic and suspected we were under attack,” he said. “Our security system has activated a protection mechanism so visitors to the address are not able to see any thing.”

[...] An internet security engineer with a major anti-virus company in Beijing said the incident could be a “showdown” with the authorities brought by anti-government activists overseas.

Another expert said: “The security of mainland websites is very poor and they have low awareness of protection. Even an individual could launch an attack.” [Source]

Dynamic Internet Technology is the developer of the popular anti-censorship application Freegate. In addition to the Falun Gong affiliated Epoch Times newspaper, the DIT website also lists Voice of America, Radio Free Asia, and Human Rights in China as clients. According to censorship tracking website greatfire.org, the company’s English and Chinese websites are normally blocked in mainland China.

Coverage from the Wall Street Journal attributes yesterday’s problem to a malfunction with the Domain Name System (DNS), and quotes an official from China’s Internet affairs agency expressing uncertainty that this outage was caused by an outside attack:

According to two Chinese Internet security companies, the problem was the result of an irregularity with servers that help convert a domain name, such as “www.baidu.com,” into a numerical IP address, which is required to connect a user’s computer to a website they are searching.

On its official Sina Weibo account, Internet security company Qihoo 360 Technology said the problem was due to a malfunction with these servers, commonly known as Domain Name System, or DNS, servers. The company said the problem appeared to affect two-thirds of the Chinese Internet.

[...] An official with the China Internet Network Information Center told the Beijing News that it was too early to tell whether it might be related to an outside attack. “To be sure there have been malicious attacks on the Domain Network System in the past, but right now under the current circumstances, we can’t say,” he said. [Source]