China’s ‘Great Cannon’ cyber weapon is designed to censor the internet

Chinese President Xi Jinping's government has unveiled a new tool to censor Internet speech image

A powerful new Internet weapon unleashed by the Chinese government against websites working to bypass the country’s online censorship was meant to deliver a not-so-subtle message to activists and foreign governments that the Communist nation will escalate efforts to control information on its networks.

The attacks last month, against the site of Chinese Internet freedom group Great Fire and U.S.-based site GitHub that hosts content banned in China, were performed by a new tool dubbed the “Great Cannon” that can steer the traffic of individual users to launch direct denial of service attacks against targeted websites, overwhelming the sites with data.

China has long imposed Internet censorship through a vast and expensive system dubbed the “Great Firewall” that prevents users from reaching much of the Web, but that system can be bypassed, permitting access to Western sites including the New York Times. Unlike the firewall, the new offensive weapon allows Chinese officials to launch attacks against sites they deem hostile, representing a “significant escalation in state-level information control,” according to a report by cybersecurity research group Citizen Lab, which first documented the weapon’s existence.

obama head shot image

The Great Cannon raises the risks for activist websites aiming to report, for example, on corruption in China’s government or on the June 4 anniversary of the 1989 Tiananmen Square violence against pro-democracy protesters. But the Internet weapon could also be used to attack sites based in foreign countries, says Sarah Cook, senior research analyst for East Asia at Freedom House advocacy group.

“What is worrisome about this is that it could be used to attack the New York Times website on a critical day like a U.S. election,” she says. “Potential future escalation could be a use of this in conjunction with some real world tension around the East or South China seas. Maybe a few years down the road, if you see China in a crisis with Japan or the Philippines, they could redirect traffic against those networks.”

The attacks last month were indelicate and relatively easily traced back to China, so it was likely that officials there were sending a signal with the new weapon, Cook says.

An attack against the Times would be unlikely, in part because of the international outrage it would spark, says Ben FitzGerald, director of the Technology and National Security Program at the Center for a New American Security think tank. Media sites including the Times will still be able to bypass the Great Firewall using methods like proxy servers that allow access to the global Internet while evading domestic surveillance, but the Great Cannon shows Chinese resolve to take the offensive on cybersecurity, he says.

“There is a lot of power behind the Great Cannon,” says FitzGerald, who has consulted on cybersecurity for the U.S. and Australian governments. “It’s not very subtle, so for espionage they may choose to employ other methods.”

China Great Cannon system chart

Courtesy of Citizen Lab

China cracks down on the press and Internet freedom with online attacks or censorship when it anticipates political protest, and has launched direct denial of service attacks against sites like Human Rights in China or China Aid – but redirecting traffic is a new method.

The weapon redirected traffic flowing through China’s networks from not only Hong Kong and Taiwan, but also from the U.S., into a massive direct denial of service attack. Such data attacks could be costly for opponents of the Chinese Communist Party, as during the height of the attacks the Great Cannon redirected traffic from millions of users, raising GreatFire’s data-hosting bill with Amazon to $30,000 per day, Cook says.

china president at function image

China’s apparent involvement with Internet weapons like this will likely raise more scrutiny from the Obama administration, which has criticized China for sponsoring hackers that steal trade secrets from U.S. businesses.

President Barack Obama recently issued an executive order giving agencies the authority to coordinate on sanctions that would penalize “individuals or entities that engage in malicious cyber-enabled activities that create a significant threat to the national security, foreign policy, or economic health or financial stability of the United States.” The Justice Department last May also indicted five members of China’s People’s Liberation Army for allegedly stealing trade secrets and communications from U.S. companies.

“Evidence of offensive activities like these will bolster those efforts,” FitzGerald says. “The Obama administration has gone out of its way to make cybersecurity a legal and economic problem – not a military problem, which is the right approach.”

Citizen Lab, based at the University of Toronto’s Munk School of Global Affairs, warned in its report that China’s use of the Great Cannon could pressure other governments to develop Internet weapons. The National Security Agency has reportedly also developed offensive cybersecurity systems, according to documents leaked to the press by former agency contractor Edward Snowden.

“The repurposing of the devices of unwitting users in foreign jurisdictions for covert attacks in the interests of one country’s national priorities is a dangerous precedent,” Citizen Lab said in its report.

Henry Sapiecha

Leave a Reply

Your email address will not be published. Required fields are marked *