WASHINGTON (Reuters) - The United States said on Friday it has asked Beijing to investigate reports that China interfered with Internet content hosted outside the country and used it to attack U.S. websites.
“We are concerned by reports that China has used a new cyber capability to interfere with the ability of worldwide Internet users to access content hosted outside of China,” State Department spokesman Jeff Rathke said.
“The cyber attack manipulated international web traffic intended for one of China’s biggest web services companies and turned it into malicious traffic directed at U.S. sites,” Rathke told a news briefing.
He said the United States asked Chinese authorities to investigate the cyber attack and report its findings.
The Chinese government has repeatedly denied it has anything to do with hacking.
China’s “Great Cannon” is a distinct cyber attack tool that hijacks traffic to or from individual IP addresses and allows China to target “any foreign computer that communicates with any China-based website,” according to an analysis from information technology research group Citizen Lab of Toronto.
Justin W. Clarke, a senior security researcher at Cylance cybersecurity firm, called the Great Cannon a “potentially devastating tool” that is “one of the biggest cyber weapons that has become publicly known.”
“Every user in China could be potentially weaponized by their government,” he said.
After attacks that included the December hacking of Sony Pictures (6758.T) attributed to North Korea, the United States wanted to send a message, said cybersecurity expert James Lewis, a senior fellow at the Center for Strategic and International Studies.
“This was China going outside China to stifle dissent and coming into the U.S. to do it,” Lewis said. “So coming on the heels of Sony ... they feel they have to send a really strong message: ‘You guys are really crossing the line.’”
In March, U.S. coding site GitHub said it was deflecting most of the traffic from a days-long cyberattack that had caused intermittent outages for the social coding site, with the Wall Street Journal citing China as the source of the attack.
The attackers pushed massive amounts of traffic to GitHub by redirecting overseas users of the popular Chinese search engine Baidu Inc (BIDU.O), the Journal reported.
GitHub supplies coding tools for developers and calls itself the world’s largest code host.
The newspaper said they targeted two GitHub pages that link to copies of websites banned in China - a New York Times Co (NYT.N) Mandarin-language site and Greatfire.org, which helps Chinese users circumvent government censorship.
Reporting by Doina Chiacu; Editing by Bill Trott and Dan Grebler