The cause of an Internet outage in China that rerouted millions of users to a U.S. website of a company which helps people get around Beijing's censorship remained a mystery on Wednesday, but experts weighed the possibility of a cyberattack.
Users were redirected to a site run by a company tied to the Falun Gong, a spiritual group banned in China which has been blamed for past hacking attacks.
An official Xinhua news service report quoted Chinese security experts saying the outage could have been exploited by hackers, or could have been the result of a hacking attack.
The state-run China Internet Network Information Center (CNNIC) said in a microblog post that the outage, which lasted for several hours, was due to a malfunction in China's top-level domain name root servers on Tuesday afternoon.
Chinese Internet users were rerouted to a U.S.-based website run by Dynamic Internet Technology (DIT), a company that sells anti-censorship web services tailored for Chinese users, including a product that enables the retrieval of microblog posts deleted by Chinese censors.
"The Internet disruption appears to have taken place through changes to the Domain Name Service - the mapping between domain names and the IP addresses for the corresponding content servers - rather than through attacks on the underlying infrastructure," said Jim Cowie, CTO of Renesys, which monitors global Internet activity.
A mistake made by the Chinese government could be at fault for the outage. "Instead of targeting a small list of websites the (Chinese Internet censorship systems) malfunctioned and targeted any domain," said Bill Xia, founder of DIT. "For such a large scale attack just targeting users in China it can only be done by the Great Firewall."
"It's even clearer this is not an attack of all the Domain Name Servers in the world, but the same as the DNS hijacking technologies used by the Chinese government to block websites they don't want," he said.
Source: reuters
