Someone is trying to wipe China's biggest anti-censorship service off the internet. For the past two days, the mirror websites run by GreatFire.org have been under an unprecedented denial-of-service attack, receiving more than 2 billion requests per hour. "We are not equipped to handle a DDoS attack of this magnitude and we need help," the site said in a statement this morning. "This kind of attack is aggressive and is an exhibition of censorship by brute force."
"An exhibition of censorship by brute force."
GreatFire's mirroring service serves as a kind of secondary home for sites like Google or The Tibet Post that would otherwise be blocked by China's web censorship systems. That makes it harder to block through conventional means, but it's still vulnerable to brute force attacks at the hosting level. Denial-of-service attacks are notoriously easy to launch, allowing relatively unsophisticated attackers to bring down comparatively large targets.
The attack seems to have come in response to a Wall Street Journal article published on Monday, which described FreeWeibo's mirroring system in extensive detail, and may have inadvertently tipped off Chinese censors to potential attack points in FreeWeibo's system. The attacks began Tuesday, the day after the article went live, and have continued for more than 48 hours as of press time. The attack affects all of FreeWeibo's mirror sites, and while there's no evidence of who is responsible, it coincides with stronger enforcement efforts from China's Cyberspace Administration, which has publicly decried FreeWeibo's efforts. FreeWeibo says there have also been efforts to intercept internal emails through impersonation.
For the moment, GreatFire's biggest concern is simply staying on the internet. The team is struggling to upgrade equipment and employ other techniques to manage the flood of traffic, and has asked for help from anyone with expertise in the area. Managing the denial-of-service attack has also been expensive, raising traffic to thousands of times its normal level and incurring bandwidth costs up to $30,000 per day from Amazon, the site's provider. It's still unclear if Amazon will waive the costs.
3/19 11:17 ET: Updated to clarify that the Greatfire.org and Freeweibo.com sites are not targeted by the attack.