The company believes that the attack originates from China, and the intent is to convince GitHub to remove a specific class of anticensorship content. GitHub noticed that two specific areas of their site are being targeted. The first area is run by Greatfire.org, “an anticensorship organization which releases tools to help Chinese citizens circumvent the county's stringent censorship control,” reported ZDNet. GitHub’s website is encrypted, so outside users can’t tell if users are looking for programming code, or anticensorship content. Greatfire.org’s GitHub page linked to an uncensored version of Weibo, a popular social media platform.
The second targeted area links to web pages that provide users a way to access copies of websites and domains that are banned in China. The main target is the New York Times’ Mandarin language mirror, cn-times. The cn-times mirror allows Chinese citizens to read the New York Times even though the domain is censored. Users in China can also download an iOS app that links to more cloud-based copies of the New York Times. China’s Cyberspace Administration refused to comment on the situation. Baidu says they are uninvolved with the attack, but also says that their internal security remains uncompromised. Security experts suspect that part of the attack is coordinated through code that originated on Baidu’s servers.
The San Francisco-based company said it is deflecting most of the traffic from the cyberattack, and trying to give all of their customers’ access to the site. However, the cyberattack is still causing intermittent outages. GitHub is globally used by programmers and major tech firms for software development. The companies that relied on GitHub were also temporarily paralyzed by the DDoS attack, since their projects were inaccessible.
This DDoS attack on GitHub highlights the need for global companies to have a plan of action when a cyber attack hits. For global companies, simply installing traditional security products and meeting compliance checklists is not enough. EiQ’s security monitoring service is trusted to help companies build an effective security program. EiQ SOCVue offers 24/7 continuous security monitoring of all IT infrastructure. Daily Security Snapshot emails inform CIOs of an assessment of critical security controls, and a summary of any security events that have occurred. EiQ’s team of certified security professionals are available around the clock for incident detection and remediation guidance. In today’s world, companies are likely to experience a security breach. With a third party security service like EiQ, the company can use outside resources to suppress an attack. When companies work together with expert security teams, they can minimize the impact of a cyber attack.