China syndromeChina’s Global Reach: Surveillance and Censorship Beyond the Great Firewall
Those outside the People’s Republic of China (PRC) are accustomed to thinking of the Internet censorship practices of the Chinese state as primarily domestic, enacted through the so-called “Great Firewall”—a system of surveillance and blocking technology that prevents Chinese citizens from viewing websites outside the country. But the ongoing Hong Kong protests, and mainland China’s pervasive attempts to disrupt and discredit the movement globally, have highlighted that China is not above trying to extend its reach beyond the Great Firewall, and beyond its own borders. In attempting to silence protests that lie outside the Firewall, in full view of the rest of the world, China is showing its hand, and revealing the tools it can use to silence dissent or criticism worldwide.
Those outside the People’s Republic of China (PRC) are accustomed to thinking of the Internet censorship practices of the Chinese state as primarily domestic, enacted through the so-called “Great Firewall”—a system of surveillance and blocking technology that prevents Chinese citizens from viewing websites outside the country. The Chinese government’s justification for that firewall is based on the concept of “Internet sovereignty.” The PRC has long declared that “within Chinese territory, the internet is under the jurisdiction of Chinese sovereignty.”
Hong Kong, as part of the “one country, two systems” agreement, has largely lived outside that firewall: foreign services like Twitter, Google, and Facebook are available there, and local ISPs have made clear that they will oppose direct state censorship of its open Internet.
But the ongoing Hong Kong protests, and mainland China’s pervasive attempts to disrupt and discredit the movement globally, have highlighted that China is not above trying to extend its reach beyond the Great Firewall, and beyond its own borders. In attempting to silence protests that lie outside the Firewall, in full view of the rest of the world, China is showing its hand, and revealing the tools it can use to silence dissent or criticism worldwide.
Some of those tools—such as pressure on private entities, including American corporations NBA and Blizzard—have caught U.S. headlines and outraged customers and employees of those companies. Others have been more technical, and less obvious to the Western observers.
The “Great Cannon” Takes Aim at Sites Outside the Firewall
The Great Cannon is a large-scale technology deployed by ISPs based in China to inject javascript code into customers’ insecure (HTTP) requests. This code weaponizes the millions of mainland Chinese Internet connections that pass through these ISPs. When users visit insecure websites, their browsers will also download and run the government’s malicious javascript—which will cause them to send additional traffic to sites outside the Great Firewall, potentially slowing these websites down for other users, or overloading them entirely.
The Great Cannon’s debut in 2015 took down Github, where Chinese users were hosting anti-censorship software and mirrors of otherwise-banned news outlets like the New York Times. Following widespread international backlash, this attack was halted.
Last month, the Great Cannon was activated once again, aiming this time at Hong Kong protestors. It briefly took down LIHKG, a Hong Kong social media platform central to organizing this summer’s protests.
Targeting the Global Chinese Community Through Malware
Pervasive online surveillance is a fact of life within the Chinese mainland. But if the communities the Chinese government wants to surveill aren’t at home, it is increasingly willing to invest in expensive zero-days to watch them abroad, or otherwise hold their families at home hostage.
