CEO Pavel Durov says the attack, which temporarily disrupted Telegram’s service, came from mostly Chinese IP addresses.
Messaging platform Telegram has said it was hit by a powerful cyber attack that coincided with protests in Hong Kong.
Hundreds of thousands have taken to the streets of the Chinese-ruled city in recent days to protest against an extradition bill that would allow people to be sent to the mainland to stand trial. Activists in both Hong Kong and mainland China, where Telegram is blocked, frequently use the messaging system to organize protests in the hope of evading government surveillance.
Telegram CEO Pavel Durov tweeted…
That the attack, which was aimed at disrupting the service rather than an attempt to steal user data, came from mostly Chinese IP addresses.
“Historically, all state actor-sized [attacks] we experienced coincided in time with protests in Hong Kong [coordinated on @telegram]. This case was not an exception.”
Telegram detailed the attack in a thread on Twitter, explaining: “We’re currently experiencing a powerful DDoS attack. The attack appears to have affected Telegram’s 200 million users across the Americas and “some other countries,” who “may experience connection issues,” the messenger firm said in a tweet on Wednesday. It confirmed that user data was safe.
“A DDoS is a ‘Distributed Denial Of Service attack’
Ian Thornton-Trump, security head at AmTrust Europe statements…
Ian Thornton-Trump, security head at AmTrust Europe, says “Disruption of communication and coordination services used by the protesters would be part of the tactical response. It’s all part of a standard regime response we have seen during the Arab spring.
“Cyberweapons and techniques can be applied externally to adversaries as well as internally to control non-compliant groups inside a country,” Thornton-Trump says
“As both the protests and U.S. trade tariffs take effect it’s likely China will get even more aggressive in cyber and physical space. Public order and a growing economy are two of the most important aspects of China’s government and both seem to be deteriorating.”
If China was responsible, Thornton-Trump also suggests a more nefarious motivation for the attack: “Maybe because the Chinese government couldn’t intercept Telegram, it chose to DDoS it to force the leaders of the protest to use communication means which are less secure: ‘If you can’t intercept it, disrupt it,’.”
It shows two things, he says: “China’s resolve to deal with protests in any way they can and that China is not afraid to use offensive cyber capabilities against commercial entities to protect Chinese interests.”