GitHub Is Back to Normal After Attacks That Were Blamed on China

Bloomberg News

GitHub is back.

The U.S. website heavily frequented by coders and other technorati reported Wednesday that it was operating normally for the first time in several days. The report followed attacks on the website that began last week and that security researchers say was likely carried out by China. The attack, which GitHub said was the largest in its history, appeared to target two pages of GitHub linking to copies of websites banned in China.

The Cyberspace Administration of China didn’t respond to requests for comment.

The company said Tuesday on its status page that their efforts to mitigate the attack were effective and service was stable. The attacks also appeared to be decreasing in intensity, according to one person watching them.

Security experts said the attack showed how China is increasingly targeting sites abroad – and using tools abroad – as part of its efforts to control digital content at home. They said the attack channeled web traffic coming into China from overseas to GitHub, flooding its servers. In web circles, such a maneuver is called a distributed denial-of-service, or DDoS, attack. The unusual part was that DDoS attacks usually uses lots of automated computer bots to send the information requests, but this time regular Internet users were leveraged to attack GitHub.

One of the pages targeted by GitHub contained links to mirrors — or copies — of websites banned by China that were set up by anticensorship activist group said in an online post on Tuesday  that a similar attack was launched earlier on its own website. It said it believed the Cyberspace Administration of China was responsible for the attacks on its website and GitHub, as the insertion of the malicious code had to be done in the Chinese Internet backbone.

“The Great Firewall has switched from being a passive, inbound filter to being an active and aggressive outbound one,” said the post.

–Eva Dou with contributions from Fanfan Wang