The Chinese government’s massive attack on GitHub at the end of March, which directed huge volumes of traffic at its servers in an attempt to overwhelm them, was thought to have been accomplished by simply diverting traffic from what is known as China’s Great Firewall. Now researchers from the academic think tank Citizen Lab have found that China actually intercepted foreign traffic flowing into Chinese tech titan Baidu to attack targeted sites, a weaponized process that the researchers have dramatically termed “the Great Cannon.” And it turns out the tech used in this interception technique is startlingly similar to tech already developed by the NSA and its British equivalent, GCHQ.
The similarities may, the researchers suggest, “make it difficult for Western governments to credibly complain about others utilizing similar techniques.”
The NSA and its partner agencies use this tech to intercept traffic, slip in malicious code, and spy on hapless web surfers. China has taken it a step further, redirecting the traffic to overwhelm and silence offending websites, the researchers said in a report released today. Although the researchers confirmed that the Great Cannon originated from a device separate from China’s Great Firewall, the two had such similar code that they were likely operated by the same government agency.
Baidu wasn’t complicit in the Great Cannon plan, and its networks have not been breached, a Baidu spokesperson told The New York Times. That the company was oblivious is all the more disconcerting. What the researchers fear most is that the Chinese government can use the Great Cannon to spy on anyone who makes a request to a server inside China (or even to a website outside China that happens to have an ad from a Chinese server) and then track everyone that person communicates with, says The New York Times. The solution: Encrypt your Internet traffic. Encrypt it all.