Early Sunday morning, China experienced what it is now calling its “largest ever” DDoS attack. According to The China Internet Network Information Center (CNNIC), the country’s .cn servers went down as a result of the attack, with affects lasting hours for some users.
According to the Wall Street Journal, the attack occurred in two waves — first around 2 a.m. local time, and then a larger attack launched at 4 a.m. — and focused on websites with the .cn extension. While the true depth of the damage is uncertain. CloudFlare CEO Matthew Prince told the WSJ that the company saw a precipitous drop in traffic from the country, dipping 32 percent below its normal traffic for that hour.
The country has seen a major increase in DDoS attacks — tripling year-over year according to Akamai’s State of the Internet from Q4 2012. China a complex internet structure with many filters to ensure that the government has complete control over content, the infamous Great Firewall of China, its citizens see, but it still doesn’t have the faculties to outmatch old-fashioned server overload.
But, perhaps more importantly, authorities have yet to really explain what happened or who was involved. The attack has come during the sensational trial of Chinese official Bo Xilai, but motives behind the attack, if known, are unlikely to be publicly revealed. And, while there is healthy speculation that the attack could have been launched by a single individual with a well-constructed botnet, the CNNIC has remained tight-lipped on the matter. The government has instead chosen to focus on remedies, explaining in the press release that more services will be coming to reduce the network’s vulnerabilities and strengthen their .cn servers.