During the weekend China’s Internet was taken down by a powerful DDoS attack, according to security experts behind the offensive there is a group of skilled hackers that on Sunday hit the country networks. But security expert clarified that China could have been perpetrated by sophisticated hackers or by a single individual. The China Internet Network Information Center [CINIC] reported that the attack began at 02:00 local time on Sunday with a peek at 04:00 that made it the largest DDoS attack the country’s networks have ever faced. CloudFlare security service provider revealed to have observed a 32 per cent drop in traffic for thousands of “.cn” websites compared with the same period in the preceding 24 hours.
The China Internet Network Information Center confirmed the attack with an official statement informing internet users that it is gradually restoring web services and that will operate to improve the security level of the Internet infrastructure of the country to prevent and mitigate further attacks. Following the translated announcement:
“8 May 25 at 0:00 or so, the State DNS node Denial of Service attacks, the China Internet Network Information Center disposal, to 2 pm, the service is restored to normal, early morning 3 through the official micro notice.Morning four o’clock, the state once again under DNS node biggest ever denial of service attacks, some websites analytical affected, leading to slow or interrupt access. To the notice, the attack continues, national domain name resolution services have been gradually restored.
Ministry of Industry and Information Technology launched the “Domain Name System Security specific contingency plans” to further the protection of national domain name resolution services. China Internet Network Information Center, the affected user apologized to launch cyber attacks on the Internet stable behavior affect condemned. China Internet Network Information Center will work with the sector to work together to continue to enhance the service capabilities.”
The Wall Street Journal was the first media agency that reported the important outage, the official source of Chinese Government confirmed that its network suffered the biggest distributed denial-of-service attack ever. All the “.cn” websites went down four hours.
At the moment there is no news on the origin of the attack and on its motivations, CloudFlare CEO Matthew Prince said that there is no certainty that behind the attack there is a group of hackers, he added that “it may have well been a single individual“.
Prince’s affirmation is reinforced by the possibility to retrieve on the underground market a huge quantity of DIY DDoS hacking tools that could allow the arrangement of a DDoS attack, it must be considered also the possibility to rent a botnet to hit a specific target for a limited period, both options accessible practically also to single individuals and small gangs.
Ironically, China is considered by analysts as the principal origin for this type of attack as revealed by many reports: such as the one published by Akamai security firm (“State of The Internet” report).
(Security Affairs – China, DDoS, China hit by DDoS attack)