Significant DDoS Cyberattack Disrupts Uyghur Post, Incident Escalated to US Authorities
A major distributed denial-of-service (DDoS) cyberattack has severely disrupted the operations of Uyghur Post, an independent media outlet, with the incident now formally reported to United States authorities. According to a report by Uyghur Times (UT), the attack, described as large-scale and coordinated, began on March 9, 2026, leading to repeated outages and making the website intermittently unavailable for users.
Attack Details and Technical Analysis
The cyberattack involved intense traffic flooding that overwhelmed Uyghur Post's servers. Internal data and inputs from technical partners revealed that daily service requests surged to nearly 185.68 million, far exceeding normal capacity. At the peak of the attack, users attempting to access the website encountered "connection timed out" messages, indicating server overload due to malicious traffic.
Technical examination traced a significant portion of the malicious traffic to a single IP address: 154.85.40.131. IP tracing tools identified the source as located in Singapore, with network ownership linked to Baidu Netcom Science and Technology Co. Ltd., a prominent Chinese technology firm. However, Uyghur Times noted that it has not independently confirmed the exact origin of the IP addresses or the cyberattacks, leaving room for further investigation.
Response and Allegations of State-Linked Activity
Cybersecurity specialists involved in addressing the incident highlighted that the scale, coordination, and infrastructure used in the attack align with patterns observed in earlier state-linked or state-supported cyber operations. In response, the Uyghur Post team has officially reported the incident to the Federal Bureau of Investigation (FBI) cybercrime division and the Cybersecurity and Infrastructure Security Agency (CISA) under the Department of Homeland Security.
A member of the technical response team emphasized the deliberate nature of the attack, stating, "This was not a random incident. It was deliberate, prolonged, and highly coordinated. The intention was clearly to silence independent Uyghur media." This sentiment was echoed by Tahir Imin, founder of the Uyghur-language media network, who asserted that the effort is part of China's long-running campaign of transnational repression targeting Uyghur media outlets, academics, and journalists.
Historical Context and Ongoing Threats
This incident is not isolated; Uyghur Times, along with other Uyghur websites, faced a similar wave of cyberattacks in September 2019, as referenced in the UT report and noted by cybersecurity firm Volexity. Tahir Imin added, "This is not the first time that the group I work with or I have been targeted by the Chinese government," underscoring a pattern of persistent digital threats against Uyghur media entities.
The reporting of this cyberattack to US authorities marks a critical step in addressing such transnational cyber threats, highlighting the growing intersection of cybersecurity, media freedom, and international relations. As investigations proceed, the incident raises concerns about the vulnerability of independent media outlets to sophisticated cyber operations and the broader implications for global cybersecurity norms.
