U.S. concerned China behind "malicious" cyber-attack on U.S. sites
WASHINGTON -- The United States voiced concern Friday over a report that China manipulated international Internet traffic intended for a major Chinese Web service company and used it for a cyberattack on U.S. sites.
State Department spokesman Jeff Rathke's comments follow complaints from anti-online censorship group Greatfire.org that Chinese authorities carried out denial-of-service attacks in late March that intermittently shut down San Francisco-based Github, a U.S.-based computer-code sharing site that hosts some of Greatfire's data. Greatfire.org said it was a direct target of similar attacks earlier that month.
Greatfire.org, which has received U.S. government funding, produces mirror websites that let Chinese users see information normally blocked by government censors.
Citizen Lab, a research unit based at the Munk School of Global Affairs at the University of Toronto, attributed the attack to an offensive system it dubbed the "Great Cannon" that manipulates the traffic of systems outside China, silently programming their browsers to create a massive denial of service attack.
"We are concerned by reports that China has used a new cyber capability to interfere with the ability of worldwide Internet users to access content hosted outside of China," Rathke told reporters. He said the U.S. has asked Chinese authorities to investigate and provide the findings.
"We view attacks by malicious cyberactors, who target critical infrastructure, U.S. companies and U.S. consumers, as threats to national security and to the economy of the United States," Rathke said.
In its own report, Greatfire.org alleged that Chinese authorities carried out the attacks by installing malicious code on the computers of users visiting the popular Chinese search engine Baidu and related sites and used those computers to overwhelm Github and Greatfire.org websites with service requests.
The Chinese Embassy in Washington did not immediately respond to a request for comment Friday.
When Greatfire.org initially reported the denial of service attack in mid-March, embassy spokesman Zhu Haiquan, described as "unfounded accusation" any suggestion of Chinese government involvement. He said China was making great efforts to combat cybercrimes and safeguard cybersecurity.
China's government blocks thousands of websites to prevent what it deems politically sensitive information from reaching Chinese users. That is known as the "Great Firewall."
Greatfire.org doesn't reveal where it's located or who runs it. The Open Technology Fund, a U.S. government-backed initiative to support Internet freedom, says on its website that it provided Greatfire.org with $114,000 in 2014.
Last month, a Pentagon cybersecurity strategy laid out for the first time a small section on U.S. concerns about continued cyberespionage by China against U.S. companies and agencies. It says the U.S. will continue to try to work with Beijing to bring greater understanding and transparency of each nation's cyber missions to "reduce the risks of misperception and miscalculation."