This past week has seen a number of foreign websites and online services disrupted in China. Greatfire.org reported that Outlook was subjected to a man-in-the-middle attack, which allowed the attackers access to the emails, contacts, and passwords of some Outlook users in China. Read the details of the attack via Greatfire.org, which says, “We once again suspect that Lu Wei and the Cyberspace Administration of China [CAC] have orchestrated this attack or have willingly allowed the attack to happen.” Through Xinhua, a CAC spokesperson called Greatfire’s report “groundless slander.”
More recently, a number of Virtual Private Network (VPN) services, which provide users a tunnel to access websites normally blocked by the Great Firewall, have reported disruption in their services from China:
— Angela Doland (@angeladol) January 21, 2015
For TechCrunch, Jon Russell reports:
Strong VPN noted on its blog that it is suffering “connection issues” from China, while TunnelBear told TechCrunch it is investigating after reports from some China-based customers who “have been less successful in connecting over the last few weeks.”
[…] Other prominent VPN services noted stronger attacks, but claimed to operate as usual.
A spokesperson at ExpressVPN told TechCrunch that its “services appear to be working normally on all platforms, including for China customers.”
[…] “The Chinese government has attempted to curtail the use of VPNs that its citizens use to escape the Great Firewall for a couple years. [The] latest attack appears to use deep packet inspection to inspect and block VPN protocols in combination with blocking specific VPN server endpoints,” Golden Frog president Sunday Yokubaitis said in a statement. [Source]
The services affected include popular Virtual Private Network (VPN) providers Astrill, StrongVPN and Golden Frog, which are engaged in a technological arms race to one-up China’s highly sophisticated Great Firewall internet censorship system.
“This week’s attack on VPNs that affected us and other VPN providers is more sophisticated than what we’ve seen in the past,” said Sunday Yokubaitis, president of Golden Frog.
Chinese internet analysts said internet services should observe the network governance of the country “for safety,” according to the Global Times, an influential tabloid published by the ruling Communist Party’s official People’s Daily newspaper.
A cyber security expert at a government-backed Chinese think-tank told the Global Times that China’s Great Firewall “has been upgraded for cyberspace sovereignty”, in a rare acknowledgement in state-run media of the country’s efforts to block technical workarounds to the firewall. [Source]
From the Global Times report, which differentiates between VPN users with “ulterior purposes” and those who use them “in the right way”:
Whether to block VPN services and how to block them are closely related to the country’s ability of network governance, Qin An, a cyber security expert at the China Institute for Innovation and Development Strategy, told the Global Times Thursday.
“Authorities apparently cannot ignore those services as they affect our cyberspace sovereignty. For instance, a shortcut has to be blocked since it could be used for some ulterior purposes although it might affect others who use it in a right way,” said Qin.
A cyber security analyst previously pointed out that companies running a VPN business in China must register with the Ministry of Industry and Information Technology, and unregistered VPN service providers are not protected by Chinese laws. [Source]
After the problems with VPNs were discovered, Greatfire highlighted its workaround for some blocked sites:
— GreatFire.org (@GreatFireChina) January 21, 2015
ProPublica ran a test to see which of 18 popular international English-language news sites were regularly blocked by the Great Firewall – some of the kinds of sites that Internet users in China use VPNs to access. Read more about the Great Firewall and VPNs in China, via CDT.