After first reporting about a major issue that left millions Chinese internet users unable to access websites for several hours, new details have emerged. A government agency responsible for internet issues, the China Internet Network Information Center, has said there was a problem in the country’s DNS servers (which are responsible for blocking traffic to blacklisted websites).
According to US firm Compuware and a Chinese security company, roughly three-quarters of China’s DNS servers were affected by an eight-hour-long malfunction in which attempts to visit websites resulted in a redirection to the IP: http://18.104.22.168, which couldn’t respond to the overwhelming traffic. This traffic was sent to a business operating out of a small building in Cheyenne, Wyo.
Some Chinese users also found themselves redirected to Dynamic Internet Technology, a company that develops software that circumvents government internet censorship. DIT was founded by a member of Falun Gong, a religious sect banned in China.
It’s remains unclear whether the DNS servers were hacked or whether the redirection was the result of an error in the so-called “Great Firewall”, which redirected Chinese users to an area of the internet that it meant to block. While many analysts are pointing to the latter explanation, some Chinese sources are calling it an attack.
An editorial in China’s Global Times characterizes it as a “severe attack against the Chinese Internet,” and calls upon the US government to investigate the attack – essentially suggesting that it involved US hackers. The editorial points to the potential political and economic consequences of such an attack and the need for greater Chinese security to counter a US government “capable of striking China physically through its virtual power.”