Chinese domains downed by 'largest ever' cyber-attack

DDoS attacks targeted the country's national registry linking websites' names to their machine-readable counterparts (IP addresses)

China has been hit by the “largest ever” cyber-attack targeting thecountry’s internet  infrastructure and websites using the national .cn URL extension.

The reports come from the China Internet Network Information Centre (CNNIC), a government-linked agency who say that the national domain name resolution registry came under a series of a sustained distributed denial of service (DDoS) attacks on Sunday morning at approximately 2am local time.

The CNNIC apologised to users for the outage, saying that "the resolution of some websites was affected, leading visits to become slow or interrupted." They also promised that they will be working with China’s Ministry of Industry and Information Technology (MIIT) to improve future “service capabilities”.

The attack most likely shut down a database responsible for converting a website’s name into a set of digits (the IP address) that are then read by computers. It seems the registry was shut down for between two and four hours, although this will only have affected some sites, as web service providers often store their own copy of these databases.

Speaking to the Wall Street Journal, Matthew Prince, Chief Executive for web-security provider CloudFlare said that the company observed a 32 per cent drop in traffic on its Chinese domains. Mr Prince described this as “representative of the overall drop in traffic generally.”

Mr Prince also noted that the country-wide scope of the attack is not necessarily indicative of a government-led operation. “I don’t know how big the ‘pipes’ of .cn are, but it is not necessarily correct to infer that the attacker in this case had a significant amount of technical sophistication or resources. It may have well have been a single individual.”

 Analysts note that despite China’s sophisticated online filters and its significant firepower when it comes to attacking other countries via the internet, its defensive capacities are less impressive.

Bill Brenner of cloud-service providers Akami noted that the event was particularly ironic considering that China is responsible for the majority of the world’s online “attack traffic”. Akami’s ‘State of the Internet’ report in 2013 noted that 34 per cent of global attacks originated from China, with the US coming third with 8.3 per cent.

Comments