An attack on availability can describe an event that prevents users who have authority to access data from being able to access that data. The most common way this can happen is via DDoS (Distributed Denial of Service) attack. There are many different variations of DDoS attacks but they all accomplish the same goal by overwhelming a service with junk information or requests.

GitHub is a web based platform that allows developers to collaborate, save, and share code. In march of 2015 it was the the victim of a 1.3Tbps DDoS attack. This was the largest ever reported DDoS attack at the time. The DDoS attack worked by silently injecting javascript through an analytic tool used by the search engine “Baidu”. This caused the browsers of anyone visiting a site with the analytic tool to constantly load two different pages on GitHub. One of the pages contained a mirror of the website “GreatFire.org” and the other was a mirror of the Chinese version of the New York Times. Because of the content on the specific pages attacked and the connection to the search engine “Baidu” it was initially believed that the attack originated within China. Rob Graham, CEO of Errata Security claims to have traced the attack to “China Unicom” by using a modified version of the Traceroute diagnostic tool.

If it is true that the operation was sponsored by the Chinese government it shows that organizations need to be prepared for not only black hat hackers or groups looking for financial gain but also entire governments willing to throw their resources at shutting down websites they don’t like.

References:

Editor at Ars Technica. (2015, April 2). DDoS attacks that crippled github linked to Great Firewall of China. Ars Technica. https://arstechnica.com/information-technology/2015/04/ddos-attacks-that-crippled-github-linked-to-great-firewall-of-china/