A couple of days ago GitHub revealed they were the victim of a massive distributed denial of service (DDoS) attack, which lasted more than five days and took the website offline several times. According to company officials, it the largest attack the website had ever faced.

Several reports by security researchers place the blame squarely on Chinese government officials. According to GreatFire, there is simply no way this sort of attack could have occurred without the knowledge of the Cyberspace Administration of China (CAC), as the type of attack involved inserting malicious code via the Chinese internet backbone.

A separate research firm, Netresec, analyzed the fingerprint of the massive DDoS attack and concluded that the Great Firewall of China - a censorship tool used to block many non-Chinese websites in the country - was used to launch it. In their words, the Great Firewall isn't just a censorship tool, "but also a platform for conducting DDoS attacks against targets world wide with help of innocent users visiting Chinese websites."

The attack was launched by injecting JavaScript code into websites that used Chinese search engine Baidu's analytics tools. Approximately one percent of visitors to such sites received the malicious code rather than the true analytics code, which forced the user's web browser to constantly and viciously reload certain GitHub pages.

By closely observing the packets of data coming from affected computers, Netresec observed behavior that suggested the JavaScript code was being inserted by someone other than the owners of the websites. This meant that the injection was performed at a high level, with all fingers pointing to the Chinese government themselves.

It's not surprising that the Chinese government has been strongly implicated as the source of the DDoS attack against GitHub. Pages targeted in the attack were mostly related to avoiding Chinese censorship, and taking down these pages is definitely something the Chinese government would want to do.