U.S. coding site undergoes denial-of-service cyber attackReprints
(Reuters) — U.S. coding site GitHub said on Sunday it was deflecting most of the traffic from a days-long cyber attack that had caused intermittent outages for the social coding site, with the Wall Street Journal citing China as the source of the attack.
“Eighty-seven hours in, our mitigation is deflecting most attack traffic,” the GitHub Status account said in a tweet. “We’re aware of intermittent issues and continue to adapt our response.”
The attack took the form of a flood of traffic, known as a distributed denial of service, or DDoS, attack. Those are among the most common kinds of attacks on the Internet.
The Wall Street Journal reported that the flood of Internet traffic to GitHub came from Chinese search engine Baidu Inc., targeting two GitHub pages that linked to copies of sites banned in China.
On its blog, GitHub said the attack began early on Thursday “and involves a wide combination of attack vectors.”
“These include every vector we’ve seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic,” the blog post continued.
“Based on reports we’ve received, we believe the intent of this attack is to convince us to remove a specific class of content.”
GitHub supplies social coding tools for developers and calls itself the world’s largest code host.
A Beijing-based Baidu spokesman said a thorough investigation by the company had found it was neither a security problem on Baidu’s side nor a hacking attack.
“We have notified other security organizations and are working to get to the bottom of this,” the spokesman said.
The Chinese government has repeatedly denied it has anything to do with hacking attacks.
Asked about the report, Chinese Foreign Ministry spokeswoman Hua Chunying said China itself was one of the world’s largest victims of hacking, and called for constructive international dialog to tackle the issue.