abusesaffiliationarrow-downarrow-leftarrow-rightarrow-upattack-typeburgerchevron-downchevron-leftchevron-rightchevron-upClock iconclosedeletedevelopment-povertydiscriminationdollardownloademailenvironmentexternal-linkfacebookfiltergenderglobegroupshealthC4067174-3DD9-4B9E-AD64-284FDAAE6338@1xinformation-outlineinformationinstagraminvestment-trade-globalisationissueslabourlanguagesShapeCombined Shapeline, chart, up, arrow, graphLinkedInlocationmap-pinminusnewsorganisationotheroverviewpluspreviewArtboard 185profilerefreshIconnewssearchsecurityPathStock downStock steadyStock uptagticktooltiptwitteruniversalityweb

このページは 日本語 では利用できません。English で表示されています

記事

2019年9月6日

著者:
Jane Li, Quartz

Hong Kong protestor site accused Baidu and Qihoo of cyber attacks; cybersecurity expert said attacks initiated by Chinese websites were unlikely

“A Hong Kong protester site says cyber attacks against it piggy-backed off China’s Baidu”, 2 September 2019

… LIHKG, the de facto online headquarters for protestors, who use the website to exchange tips and comments about the movement, said it came under an “unprecedented” distributed denial of service, or DDoS, attack on Aug. 31, with the episode leading to denied access to the website for some of its users. DDoS is a form of cyber attack that floods a targeted machine or server with so many requests the system gets overloaded and can’t fulfill some or all legitimate requests from actual users.

“We have reasons to believe that there is a power, or even a national level power behind to organize such attacks as botnet from all over the world were manipulated in launching this attack,” the website, which is run by anonymous operators, announced in a post…

The forum identified two Chinese websites as being among those involved in the attack, including Baidu Tieba, an online forum under Baidu, the largest search engine in China, and qihucdn.com, which some LIHKG users believe belongs to Qihoo360, a Chinese internet security firm. Baidu declined to comment, while Qihoo360 did not reply to a request for a comment.

K, a cybersecurity expert… said his diagnosis shows the attacks were unlikely initiated by Baidu and the other Chinese websites themselves. Rather, he suspects the attacks happened because the websites were perhaps “compromised” through some malicious Javascript inserted in their content delivery network (CDN), a system of distributed servers that deliver pages and other web content to users. According to K, the “compromised” scripts could effectively lead to the computers of anyone that visits the affected Chinese websites to launch the DDoS attack on LIHKG.

It is unclear whether Baidu or Qihoo is aware of the issue, or which organization might have inserted malicious scripts into the servers, he added…[Also referred to Telegram, Twitter, Github]

タイムライン

プライバシー情報

このサイトでは、クッキーやその他のウェブストレージ技術を使用しています。お客様は、以下の方法でプライバシーに関する選択肢を設定することができます。変更は直ちに反映されます。

ウェブストレージの使用についての詳細は、当社の データ使用およびクッキーに関するポリシーをご覧ください

Strictly necessary storage

ON
OFF

Necessary storage enables core site functionality. This site cannot function without it, so it can only be disabled by changing settings in your browser.

クッキーのアナリティクス

ON
OFF

When you access our website we use Google Analytics to collect information on your visit. Accepting this cookie will allow us to understand more details about your journey, and improve how we surface information. All analytics information is anonymous and we do not use it to identify you. Google provides a Google Analytics opt-out add on for all popular browsers.

Promotional cookies

ON
OFF

We share news and updates on business and human rights through third party platforms, including social media and search engines. These cookies help us to understand the performance of these promotions.

本サイトにおけるお客様のプライバシーに関する選択

このサイトでは、必要なコア機能を超えてお客様の利便性を高めるために、クッキーやその他のウェブストレージ技術を使用しています。