China behind man-in-the-middle attacks on Google, Microsoft, Mozilla users

By  | 

An anti-censorship group has said that China’s cyberspace administration is behind attacks on major Internet companies including Google, Microsoft and Mozilla urging internet companies to ramp up their security infrastructure.

GreatFire.Org cited statements made by Google, Microsoft and Mozilla as ‘concrete evidence’ showing the Chinese government was involved in so-called “man-in-the-middle” operations. Man-in-the-middle attacks involve an unauthorised intermediary inserting themselves between computer users and their online destinations, usually undetected, putting them in a position to harvest data traffic, including passwords.

GreatFire.Org said that the Cyberspace Administration of China (CAC) authority and the China Internet Network Information Centre (CNNIC) administrator are responsible for the malicious attacks and are endangering safety and security on the Internet.

A Google security engineer on Monday posted on the company’s online security blog that CNNIC and a firm called MCS Holdings had been found to have issued “unauthorised digital certificates for several Google domains”.

“The misissued certificates would be trusted by almost all browsers and operating systems,” he wrote, describing the resulting vulnerability as a “serious breach” of the Internet certificate authority system.

Yesterday, Microsoft and Mozilla, owner of the popular Firefox web browser, announced that they were revoking trust in all MCS certificates.

GreatFire.Org welcomed the companies’ response but added: “We once again call for Google, Mozilla, Microsoft and Apple to revoke trust for CNNIC immediately in order to protect Chinese user data and user data worldwide.”

Last week, GreatFire.Org said that it had been hit by a barrage of automated requests known as a distributed denial of service (DDoS) attack in an attempt to bring down its anti-censorship services.

Beijing maintains tight control over the Internet and has one of the worst censorship models in the world. It has blocked almost all content that it deems politically sensitive and orders social media companies to censor user-generated content.

US and China have been at loggerheads over cyber attack accusations so much so that FBI Director James Comey even declared last year that China was at the “top of the list” of countries launching cyberattacks on US firms.