GreatFire.org, a group of activists dedicated to bringing transparency to the Great Firewall of China, have just experienced their first distributed denial of service (DDoS) attack starting on March 17, according to their official website.
Greatfire.org Under DDoS Attack
At the moment, GreatFire are experiencing 2.6 billion requests per hour (about 2500 times more than what’s considered ‘normal’), and their websites are simply not able to handle such kind of volume.
“This kind of attack is aggressive and is an exhibition of censorship by brute force. Attackers resort to tactics like this when they are left with no other options,” they said.
The target is the mirror websites GreatFire created for the Chinese users to access blocked content sensitive for the Chinese government.
No information about who is behind the attack is yet available, but apparently, GreatFire have been under pressure for some time now. They were even called “an Anti-China website” publicly, and suspect that the attack is in a response of a Wall Street Journal article about the free-speech activists using cloud computing to get around China’s Great Firewall.
The activist group has been using Amazon.com to host the mirror websites. This way, if the Chinese government decides to block these websites, it will cause “collateral damage” and could block Amazon servers which are supporting a large number of businesses.
In order to continue operations related to protecting the freedom of speech, the anonymous group is asking the public to show Amazon they support the GreatFire’s cause.
“Because of the number of requests we are receiving, our bandwidth costs have shot up to USD $30,000 per day. Amazon, which is the service we are using, has not yet confirmed whether they will forgo this. If they do not forgo this, this will put a significant squeeze on our operations,” they added.
The activists have managed to liberate some major websites such as Boxun, Deutsche Welle and Google in order to provide online users access to information by using their unique open source method of collateral freedom.In addition, last week, Reporters Without Borders, an NGO based in Paris, took advantage of their method and unblocked nine websites worldwide including two in China – Mingjing News and The Tibet Post.
DDoS Attacks
DDoS attacks are a malicious attempt to disrupt an online service, resource, a server, etc. by overloading it with traffic from multiple sources.
According to digitalattackmap.com:
- You can buy a week-long DDoS attack on the black market for $150, which is capable of taking a small organization offline
- More than 2000 daily DDoS attacks occur world-wide
- 1/3 of all downtime incidents belong to DDoS attacks
In order to generate heavy traffic from multiple resources, the hackers must first create a network of infected computers (botnets). To do that, they spread malware through websites, emails, files, etc. The infiltrated malicious software serves as a backdoor for hackers to access the infected computers and take control over them remotely. To get the idea better, there are botnets consisting of millions of machines!
The army of infected computers is now ready to attack. Botnets generate traffic by sending many times more connection requests to a server than it can handle.