U.S. Web site covering China scandal disrupted by cyberattack

By Ellen Nakashima, 

A U.S.-based Web site that has aggressively covered China’s biggest political scandal in decades was the victim of a disruptive attack that was accompanied by threats to the service that registers its domain name, the site’s manager said Friday.
The site was rendered inaccessible for much of Thursday, depriving readers of coverage of the latest developments in the downfall of Chinese Communist Party official Bo Xilai, said Watson Meng, 47, who runs the Chinese-language site from Durham, N.C.

Chinese viewers are able to gain access through proxy servers that get them around China’s Internet firewall, which the government uses to block certain content. Meng said he believes some element of the government ordered the disruption, but said he has no forensic proof.
The site, Boxun, has been targeted previously while publishing material considered sensitive by the Chinese government.
“It’s obvious that it’s related to what we have been reporting recently,” Meng said.
Chinese Embassy spokesman Geng Shuang called the allegation groundless. “The Chinese government prohibits online criminal offenses of all forms, including cyber attacks, and has done what it can to combat such activities in accordance with Chinese law,” he said in an e-mail.
Since February, Boxun has covered the story of Bo, a party chief in Chongqing who was ousted last month amid a government investigation into corruption and allegations of murder against his wife. In the past two weeks, Meng said, the site began reporting allegations that Zhou Yongkang, China’s security chief and a top party official, had plotted with Bo to block the rise of Xi Jinping, who is slated to become China’s next president.
Meng said he got a call Thursday morning from an employee at Name.com, the firm that registers Boxun at a specific Internet address. Name.com informed Meng that it had been hit with a distributed denial-of-service (DDoS) attack in which high volumes of Internet traffic are directed against a particular server, causing it to fail.
The employee also told Meng the company had received an anonymous e-mail threatening to continue the disruption unless it dropped Boxun, Meng said.
“We cannot host you. You have to move off,” he said he was told. “I asked, ‘How much time do we have?’ ” Meng said. “I was told, immediately.”
Name.com founder William Mushkin expressed regret in an e-mail to The Post, confirming that his firm had received a letter demanding Boxun.com be disabled. Shortly afterward, Name.com’s main Web site and other servers came under a “massive . . . attack . . . one of the largest ones in the company’s history.”
Name.com manages 1.5 million domains or sites, Mushkin said, suggesting that those sites would have been put at risk if the servers came under attack. During the DDoS attack, he said, Name.com received an additional e-mail threatening to continue the assault “unless we handed over the domain to the attackers and told the original owner that it was stolen.”
At that point, he said, Name.com helped Meng transfer his site to another registrar as quickly as possible.

 http://www.washingtonpost.com/