It is just a few hours since more than 100 million individuals ganged up on what they see as China’s assault on “freedom of information.”
Signing up to use the ‘Pandora botnet’, essentially an open virus, they have launched a global attack on China’s state computers. Its Golden Shield Project firewall was breached and rendered inoperable after just ten minutes.
At this point, just about every state department is unreachable. China’s army is in disarray as the entire government network architecture is filled with noise and static.
While millions of individuals are clearly behind this attack, Google has been accused of setting up Pandora. The company divested from China after regular state-directed industrial espionage attacks against numerous companies were identified in early 2010.
“Our choice is to allow a sovereign government to steal our valuable intellectual know-how and use that to subvert the rights and freedoms of people around the world or to live by our word and not be evil,” said Eric Schmidt, CEO of Google, back in 2011 as google.cn was shut down.
Yet how does Google, a listed company with fewer than 20,000 employees, go up against the might of the People’s Republic of China, a nation with 7.5 million soldiers and well over 40,000 people in Internet surveillance and espionage?
They didn’t – but someone did. The Pandora botnet of some 32 million computers is currently focusing the computing power of over 143 million computer and smart phone users who downloaded the ‘ChinaDown’ web application.
“Right now we’re counting 189 million vectors,” says an astonished Margery Weaving at McAfee Research Labs, which analyses online botnets. “It’s the largest distributed digital computer ever created and it is all aimed at one place: China.”
The Chinese government is unreachable for comment and the world’s first cyberwar seems to have been won, by everyone.
ANALYSIS >> SYNTHESIS: How this scenario came to be
2004-5: Yahoo! sins, Google bends
In 2004, on the fifteenth anniversary of the massacre at Tiananmen Square, the Chinese government distributes a warning to all journalists in China telling them how to cover the event so as not to offend the state. Shi Tao, a Chinese journalist, sends the message to associates overseas on a Yahoo! email account.
Yahoo! meekly passes over information regarding Shi to Chinese police. Shi is arrested and sentenced to ten years in jail for “leaking state secrets.”
In 2005 Google decides to offer a local search service in China at google.cn. “While removing search results is inconsistent with Google’s mission, providing no information (or a heavily degraded user experience that amounts to no information) is more inconsistent with our mission,” says a company announcement as Google attempts to justify their censorship of search results.
Activists in the US can’t understand how censorship of this level corresponds with Google’s official company policy of “Don’t be evil.”
2006: China’s Firewall
The Golden Shield project, which will become known as the Great Firewall of China, is officially launched in 2006. Estimates put the development costs at US$ 800 million.
A number of services attempt to negate the effects of China’s firewall. Psiphon is a software project designed by the University of Toronto’s Citizen Lab under the direction of Professor Ronald Deibert, Director of the Citizen Lab. Psiphon is a circumvention technology that works through social networks of trust and is designed to help Internet users bypass content-filtering systems set up by governments.
“We’re aiming at giving people access to sites like Wikipedia,” says Michael Hull, Psiphon’s lead engineer.
Despite these efforts, China’s 30,000 Internet police continue to block thousands of international news websites, and search terms on everything from “Tiananmen Square massacre” to “tank boy.”
2007: Botnets and Cyberwars
In April 2007 Estonia, once a slave-state of the Soviet empire, decides to distance itself from its past. The Bronze Soldier situated in the center of the capital of Estonia, and commemorating the Soviet invasion of Estonia at the battle of Tallinn, is moved to a graveyard.
The result is what is potentially the world’s first cyberwar.
Vladimir Putin, Russia’s President, goes on the offensive: “Those who are trying to belittle this invaluable experience, those who desecrate monuments to the heroes of the war, are insulting their own people and sowing discord and new distrust between states and people.”
Violent clashes at the Estonian embassy in Russia are followed by a systematic and aggressive attempt to bring down the entire Estonian Internet infrastructure; disabling the websites of government ministries, political parties, newspapers, banks, and companies.
This type of attack is known as a distributed denial-of-service (DDoS) attack. CERT, a software security organization located at Carnegie Mellon University in the US, characterizes DDoS as “an explicit attempt by attackers to prevent legitimate users of a service from using that service.”
There is a wide and ever-increasing range of ways in which such attacks can take place.
“We have been lucky to survive this,” says Mikko Maddis, Estonia’s defense ministry spokesman. “People started to fight a cyberwar against it right away. Ways were found to eliminate the attacker.”
2010: Operation Aurora
In January, Google makes the following announcement on their official blog:
“Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident – albeit a significant one – was something quite different.”
The target is a host of technology companies, including Adobe Systems, Juniper Networks, Rackspace, Yahoo, Symantec and Google.
China, or its agents, appear to be deliberately targeting companies with sophisticated networking and social media software in order to steal intellectual property and know-how.
However, the news most alarming in Europe and the US is that the attacks also targeted political dissidents in widespread attempts to hack into their email accounts.
Google concludes with a shocking announcement:
“We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China.”
In February, China demands both that the US end an arms deal with Taiwan and that President Barack Obama not meet with the Dalai Lama. Obama refuses, meeting with the exiled Tibetan leader on the White House lawn.
“We have to choose between our conscience and what is expedient; between what is noble and what is unjust,” he says. “It is no longer possible for us to ignore the contradiction between China’s human rights policy and the ideals of liberty upon which our great nation was founded.”
In December, China takes its revenge on the US. “We feel that US debt is unsustainable and we are moving toward a basket of currencies for investment. This means our reserve of US dollars is now for sale and we will accept a price of 50 Euro cents to the dollar,” announces Hu Wen, a deliberately minor Chinese official. The US national debt financed by China is US$ 842 billion.
At the same time, China takes advantage of the chaos to launch Operation Black Rose which targets Google, Yahoo, Microsoft, Twitter, YouTube, Facebook and a number of other social media sites. The immediate purpose of the attacks is unclear.
2011: eCold War
US gold reserves save the US dollar. Although the credit crisis of 2008 may have weakened the world’s largest economy, it is still a massive and wealthy place. The impact on the US economy is short-lived but China is estimated to have lost US$ 500 billion of currency reserves in 20 days.
China’s attempted distributed denial-of-service attacks in 2010 are also an embarrassing failure. The scale of international broadband bandwidth is sufficiently large to prevent an attack on massive social media companies through DDoS. China simply ignores that the event ever took place.
Google, Yahoo and the others get back to business. So does everyone else and it is assumed that an uneasy truce has been reached.
In September, CERT identifies a new botnet. “We’re not sure what it does, though,” says Ulrik Pierssen, one of their analysts. “It is probably the largest botnet we’ve ever seen. I think it may contain around 32 million computers.” They call it Pandora.
In December, a Facebook meme starts in which people can download a piece of software called ‘ChinaDown’ that offers a countdown to “China’s liberation.” Millions of people start to support it. No-one knows where it comes from.
The countdown is set to end on 18 June 2012.
June 2012: The Firewall Falls
In April, cyber attacks against Google, Facebook and Twitter start to rise. A leaked report from China appears to point to fears within the Chinese government that Google may be attempting to launch a cyber attack against the Chinese state.
Google announces that they are not behind any such moves and, in any case, have entirely divested their interests in China. Hillary Clinton demands that this type of interference stop.
‘ChinaDown’ is estimated to be one of the most popular applications, running on millions of smart phones, netbooks and PCs. Bloggers and social-media pundits have gleefully hailed it as the “day that the Internet takes back its freedom.” Hardly anyone takes it seriously, though.
On 18 June, millions of people watch the clocks on their countdowns tick to zero. Each of these devices, some 143 million of them, immediately makes contact with the Pandora botnet, which focuses the combined computing power on one target: China’s firewall.
China attempts to blame Google, but no-one is sure. “We had nothing to do with this. We think that any sort of retributive behavior of this nature is uncalled for. We don’t advise anyone to seek vigilante justice,” says Eric Schmidt, Google’s CEO.
After 24 hours, the botnet shuts down and vanishes. ‘ChinaDown’ uninstalls itself and disappears. Whoever was behind the most destructive cyberwar of modern history may never be known.