Telegram: Hackers in China Disrupted Service During Hong Kong Protests

By Patrick Tucker

June 13, 2019

As Hong Kong police used tear gas and rubber bullets to disperse thousands of protestors on Tuesday, unknown hackers flooded the Telegram encrypted-messaging service with bogus signals, temporarily depriving demonstrators of a key organizing tool. Company officials say the signals came from inside China.

We’re currently experiencing a powerful DDoS attack,” short for distributed denial of service, Telegram tweeted at 7:20 a.m. Washington time. “Telegram users in the Americas and some users from other countries may experience connection issues.”

Thirty-five minutes later, Telegram tweeted, “For the moment, things seem to have stabilized.”

Later in the day, Defense One asked Telegram founder and CEO Pavel Durov where the attacks originated.

IP addresses coming mostly from China,” Durov responded. “Historically, all state actor-sized DDoS (200-400 Gb/s of junk) we experienced coincided in time with protests in Hong Kong (coordinated on @telegram).”

Mark Skilton, a professor of practice at the U.K.’s Warwick Business School, said such attacks are hard to stop when local authorities, in control of network traffic, want them to proceed.

To stop this type of attack would need new technology to block adversaries’ traffic before the network, something that is not possible if the Chinese government control and have access to that network currently. What typically happens is alternative telecoms networks might be used. But I suspect those too would be targeted for a full scale attack,” Skilton said in a statement. "However, we don’t know if it was a full wide-scale internet attack or if it was a complete network-wide attack. It seems some sophistication was used to target the Telegram app and user service. This may be a symptom of a more advanced distributed ‘denial of service’ acting as a swarm of attacks against specific targets.”

Related: In Cyberspace, Governments Don’t Know How to Count

Related: In California, It’ll Be Illegal to Make Routers With Weak Passwords

Related: The White House National Cyber Strategy: Continuity with a Hint of Hyperbole

The demonstrators were protesting a proposed extradition bill that would allow Chinese authorities in Beijing to extradite people from Hong Kong to the mainland, which many fear could allow the Chinese government to crack down on dissidents currently in Hong Kong.

On the protests themselves, Human Rights Watch wrote that it is “concerned about the police using unnecessary or excessive force against the protesters. While some protester action may warrant police use of force, international human rights standards limit the use of force to situations in which it is strictly necessary.”


By Patrick Tucker // Patrick Tucker is technology editor for Defense One. He’s also the author of The Naked Future: What Happens in a World That Anticipates Your Every Move? (Current, 2014). Previously, Tucker was deputy editor for The Futurist for nine years. Tucker has written about emerging technology in Slate, The Sun, MIT Technology Review, Wilson Quarterly, The American Legion Magazine, BBC News Magazine, Utne Reader, and elsewhere.

June 13, 2019

https://www.defenseone.com/technology/2019/06/telegram-hackers-china-disrupted-service-during-hong-kong-protests/157698/