abusesaffiliationarrow-downarrow-leftarrow-rightarrow-upattack-typeburgerchevron-downchevron-leftchevron-rightchevron-upClock iconclosedeletedevelopment-povertydiscriminationdollardownloademailenvironmentexternal-linkfacebookfiltergenderglobegroupshealthC4067174-3DD9-4B9E-AD64-284FDAAE6338@1xinformation-outlineinformationinstagraminvestment-trade-globalisationissueslabourlanguagesShapeCombined Shapeline, chart, up, arrow, graphLinkedInlocationmap-pinminusnewsorganisationotheroverviewpluspreviewArtboard 185profilerefreshIconnewssearchsecurityPathStock downStock steadyStock uptagticktooltiptwitteruniversalityweb

这页面没有简体中文版本,现以English显示

文章

2019年9月6日

作者:
Jane Li, Quartz

Hong Kong protestor site accused Baidu and Qihoo of cyber attacks; cybersecurity expert said attacks initiated by Chinese websites were unlikely

“A Hong Kong protester site says cyber attacks against it piggy-backed off China’s Baidu”, 2 September 2019

… LIHKG, the de facto online headquarters for protestors, who use the website to exchange tips and comments about the movement, said it came under an “unprecedented” distributed denial of service, or DDoS, attack on Aug. 31, with the episode leading to denied access to the website for some of its users. DDoS is a form of cyber attack that floods a targeted machine or server with so many requests the system gets overloaded and can’t fulfill some or all legitimate requests from actual users.

“We have reasons to believe that there is a power, or even a national level power behind to organize such attacks as botnet from all over the world were manipulated in launching this attack,” the website, which is run by anonymous operators, announced in a post…

The forum identified two Chinese websites as being among those involved in the attack, including Baidu Tieba, an online forum under Baidu, the largest search engine in China, and qihucdn.com, which some LIHKG users believe belongs to Qihoo360, a Chinese internet security firm. Baidu declined to comment, while Qihoo360 did not reply to a request for a comment.

K, a cybersecurity expert… said his diagnosis shows the attacks were unlikely initiated by Baidu and the other Chinese websites themselves. Rather, he suspects the attacks happened because the websites were perhaps “compromised” through some malicious Javascript inserted in their content delivery network (CDN), a system of distributed servers that deliver pages and other web content to users. According to K, the “compromised” scripts could effectively lead to the computers of anyone that visits the affected Chinese websites to launch the DDoS attack on LIHKG.

It is unclear whether Baidu or Qihoo is aware of the issue, or which organization might have inserted malicious scripts into the servers, he added…[Also referred to Telegram, Twitter, Github]

时间线

隐私资讯

本网站使用 cookie 和其他网络存储技术。您可以在下方设置您的隐私选项。您所作的更改将立即生效。

有关我们使用网络存储的更多信息,请参阅我们的 数据使用和 Cookie 政策

Strictly necessary storage

ON
OFF

Necessary storage enables core site functionality. This site cannot function without it, so it can only be disabled by changing settings in your browser.

分析 cookie

ON
OFF

您浏览本网页时我们将以Google Analytics收集信息。接受此cookie将有助我们理解您的浏览资讯,并协助我们改善呈现资讯的方法。所有分析资讯都以匿名方式收集,我们并不能用相关资讯得到您的个人信息。谷歌在所有主要浏览器中都提供退出Google Analytics的添加应用程式。

市场营销cookies

ON
OFF

我们从第三方网站获得企业责任资讯,当中包括社交媒体和搜寻引擎。这些cookie协助我们理解相关浏览数据。

您在此网站上的隐私选项

本网站使用cookie和其他网络存储技术来增强您在必要核心功能之外的体验。