Github coding site hit by cyberattack

GitHub, a popular social coding site for programmers, is fighting a days-long cyberattack that reportedly originates in China and targets anti-censorship tools hosted on Github.

Anti-censorship tools targeted by attack from China, Wall Street Journal reports

GitHub, a popular social coding site for programmers, is fighting a days-long cyberattack that reportedly originates in China.

The U.S. coding site GitHub said on Sunday it was deflecting most of the traffic from the cyberattack that had caused intermittent outages. The Wall Street Journal cited China as the source of the attack.

"Eighty-seven hours in, our mitigation is deflecting most attack traffic," the GitHub Status account said in a tweet. "We're aware of intermittent issues and continue to adapt our response."

However, this morning, Github said the attack had evolved and it was "working to mitigate."

GitHub supplies coding tools for developers and calls itself the world's largest code host.

The attackers paralyzed the site at times by using distributed denial of service, or DDoS, attacks, a technique commonly used to disrupt websites and computer networks, according to the Wall Street Journal.

Anti-censorship tools targeted

They pushed massive amounts of traffic to GitHub by redirecting overseas users of the popular Chinese search engine Baidu Inc, according to the Wall Street Journal.

The newspaper said they targeted two GitHub pages that link to copies of websites banned in China - a Mandarin-language site from the New York Times Co and, which helps Chinese users circumvent government censorship.

A Beijing-based Baidu spokesman said a thorough investigation had determined it was neither a security problem on Baidu's side nor a hacking attack.

"We have notified other security organizations and are working to get to the bottom of this," the spokesman said.

On its blog, GitHub said the attack began early on Thursday and involved "every vector we've seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood with high levels of traffic.

GitHub said it believed the intent of the attack was to convince the company to remove a specific class of content.

The Chinese government has repeatedly denied it has anything to do with hacking.

Asked about the report, Chinese Foreign Ministry spokeswoman Hua Chunying said China itself was one of the world's largest victims of hacking, and called for constructive international dialogue to tackle the issue.


To encourage thoughtful and respectful conversations, first and last names will appear with each submission to CBC/Radio-Canada's online communities (except in children and youth-oriented communities). Pseudonyms will no longer be permitted.

By submitting a comment, you accept that CBC has the right to reproduce and publish that comment in whole or in part, in any manner CBC chooses. Please note that CBC does not endorse the opinions expressed in comments. Comments on this story are moderated according to our Submission Guidelines. Comments are welcome while open. We reserve the right to close comments at any time.

Become a CBC Member

Join the conversation  Create account

Already have an account?