Anti-censorship body Greatfire.org has been hit with a massive DDoS attack, flooding its infrastructure with 2.6 billion requests per hour and forcing it to reach out for help to stay afloat.
The non-profit has been a constant thorn in the side of the Chinese authorities as it pioneered a strategy of “collateral freedom” – that is, mirroring sites blocked inside the Great Firewall on cloud computing infrastructure which everyone can access.
The authorities have thus far not found an effective response as it would mean taking out the likes of Amazon Web Services, affecting countless Chinese businesses commercially.
Last week, Reporters Without Borders also used the same, open source, collateral freedom MO to unblock nine banned sites including The Tibet Post.
But now Greatfire.org’s very existence is under threat, as the unknown assailant has flooded its IT infrastructure with 2500 times more traffic than normal.
The DDoS came shortly after a lengthy Wall Street Journal article describing the collateral freedom initiative.
“This attack affects all of our mirror websites,” the group said in an email.
“While we have talked openly about our method of using collateral freedom to unblock websites and mobile apps that have been blocked by the Chinese authorities, the WSJ story clearly stated how the strategy works and how it is being used successfully to deliver uncensored content into China.”
It’s still unclear who’s behind the attack, although it coincides with increased attention from Beijing, and in particular the Cyberspace Administration of China (CAC) – which recently branded Greatfire an “anti-China website” run by “overseas anti-China forces.”
Co-founder Charlie Smith told Infosecurity by email that there’s “never rhyme or reason” for cyber-attacks and censorship moves inside China.
“I am not laying blame on the authorities just yet,” he added. “But maybe people who support the authorities took issue with some of those news stories.”
However, because of the increased number of requests being received thanks to the DDoS, the group’s bandwidth costs have soared to $30,000 per day.
It has asked Amazon to forgo these costs and called on others to help advise on tools and techniques to keep the infrastructure up and running.
“We need companies like Amazon to be on our side and, more importantly, on the side of freedom of speech,” the email concluded.
“We need you to tell Amazon that you think that freedom of speech is an important issue and that Amazon, as a leading global enabler of the internet, plays an important role in access to information.”