Not content with censoring web content from its own citizens, China is now able to attack sites outside the country with a new tool being dubbed the "Great Cannon," a report says. The new cyberweapon allows China to take international websites offline and install malicious software on computers around the world.
The Great Cannon is so-called because it is an offensive tool used to attack foreign sites, as opposed to The Great Firewall, which is the name given to China's domestic Web-censoring technology.
Details of the cyberweapon were released in a Citizen Lab report by computer scientists from the Munk School of Global Affairs at the University of Toronto; the International Computer Science Institute; the University of California, Berkeley; and Princeton University. The authors determined that The Great Cannon was behind a weeks-long attack on GitHub and the anti-censorship group GreatFire. The attack took down a Chinese version of the New York Times website, hosted on GitHub, and GreatFire.org, which helps Internet users circumvent Chinese censors.
According to the report, the Great Cannon "represents a significant escalation in state-level information control." Unlike the Great Firewall, it gives China the power to attack websites anywhere in the world.
The recent attack worked by taking control of millions of web browsers on computers around the world and flooding traffic to GreatFire and Github. This type of attack is called a Distributed Denial of Service (DDoS), but the Great Cannon has the potential to wreak even more havoc.
Any computer visiting a Chinese website that does not fully utilize HTTPS encryption technology could be infected with malicious software. This could mean it could act as a "man in the middle," intercept unencrypted email to or from a target and "undetectably replace" legitimate attachments with malicious payloads, "sabotaging email sent from China to outside destinations," the report said.
The Citizen Lab researchers say that there is "compelling evidence" that the Chinese government operates the Great Cannon and that it likely required the approval of high-level authorities.
The report compares the Great Cannon with the NSA's Quantum system, which is also capable of implanting malware on machines around the world. China has become more brazen with its Internet attacks since Edward Snowden leaked the hacking abilities of the NSA in 2013. "This precedent will make it difficult for Western governments to credibly complain about others utilizing similar techniques," wrote the researchers.
Chinese censoring has been ramped up since President Xi Jinping came to power in 2013. He appears to be willing put ideological control over other goals such as the economic success of China's tech sector. The GreatFire and GitHub attacks targeted computers that had communicated with Baidu, China's largest search engine. A revelation like this is likely to damage the reputation of Baidu, which is effectively China's Google and recently reported total revenue of $7.9 billion for 2014.
The most effective defense against tools like Quantum and the Great Cannon is the universal encryption of web traffic, according to the report.
Chinese government officials have consistently denied any government involvement in launching foreign cyberattacks, but this report confirms there are more prying eyes out there than just those of NSA and its allies.