Telegram, the encrypted messaging app, says its operations have been hit by a major DDoS attack this week – and they are pointing the finger at China as the culprit.
A DDos (Distributed Denial of Service) attack has the offensive party sending a huge stream of requests at the targeted service, like having an overload of people going through a revolving door. Most frequently these days, they are launched through botnet controlled networks of smart IoT devices.
This attack came as the mainland China government is trying to clamp down on protests against plans to allow the extradition of people to the mainland from the former British colony. The protesters are using Telegram, an encrypted messaging app, for communicating and coordinating their activities.
Telegram was not the only technology issue for protesters, with some reportedly avoiding mass transit cards that could be tracked to their ID number and covering faces to hide from the facial recognition systems.
Political weapon or insecure device
Pavel Durov, founder of Telegram was explicit in blaming the Chinese government for the DDoS attack, even calling it “state-actor sized and pointing out how the timing of the attack neatly coincided with the Hong Kong protests.
However, the Telegram twitter also pointed out the DDoS risks coming from insecured devices.
Historically, some of the biggest attacks have come from botnets of enslaved Smart IoT devices using the Mirai malware as a base.
The problem of encrypted messaging
Encrypted messaging is a problem for many, if not most all governments. Add in a potential for organize large groups, and there is a real potential for something to happen. Telegram is already pulling out of Russia over that government’s demands to encryption keys for user messages. With Facebook trying to pivot into more secure messaging and countries taking a harder look at how to keep control over society in a age of always on internet and social media – we haven’t heard the last of this.