The China Internet Network Information Center (CNNIC), which maintains the registry for the .cn, China’s country code top-level domain, has notified the public that two massive DDoS attacks have been aimed against the national Domain Name Service early on Sunday.
The first started around 0:00, Beijing time, and around 2 PM the service was restored to normal.
The second one hit around 4 PM, and according to the CNNIC, it was the largest ever denial of service attack to hit China’s Internet, and led to many websites being completely inaccessible for a period of time or made them extremely slow to load.
The attack seems to still be ongoing, but its intensity has diminished. The Chinese Ministry of Industry and Information Technology, which oversees the CNNIC, has also launched “specific contingency plans” to protect national domain name resolution services. Unfortunately, no details about what this contingency plans are were shared.
The CNNIC has apologized for the disruption and a spokesman has stated that they will be sharing more details about the attacks as soon as they know more. For the time being, it is still hard to tell who might be behind it all.
“I don’t know how big the “pipes’ of .cn are, but it is not necessarily correct to infer that the attacker in this case had a significant amount of technical sophistication or resources,” CloudFlare CEO Matthew Prince commented for WSJ. “It may have well have been a single individual.”
It’s interesting to note that as DDoS attacks are getting bigger, stronger and longer, the United States and China top the list of countries that are most affected by malicious DNS request traffic.
Despite of – or perhaps because of – having a reputation for employing great numbers of hackers to do perform world-wide cyber espionage campaigns, China seems to be a big target for cyber attacks, as well.