ON MARCH 26th GitHub, an American-based website for programmers, began to suffer what it says is its biggest ever denial-of-service attack. The means and apparent motive were just as noteworthy: the Great Firewall, China’s web-filtering infrastructure, was used. The assault seems to have been intended to persuade GitHub to drop content the Chinese authorities object to, including the Chinese-language edition of the New York Times. The attackers’ identities will probably never be confirmed. But the rules of online engagement with China have taken a nasty turn.

As its nickname suggests, the Great Firewall is a defensive barricade against foreign web content which officials see as undesirable. Until now internet users outside China have been little affected. That changed on March 17th, security analysts say, when the firewall began to be used by unidentified hackers to hijack traffic and redirect it to sites set up by Greatfire.org, an activist outfit that helps users in China to access content that is normally blocked (including the Chinese-language New York Times). The assault on GitHub was similar. Both attacks intercepted foreign traffic entering China that was meant for Baidu, China’s largest search engine, and sent it to the targeted American sites. (Baidu has said it was not involved and is “determined” to prevent a repeat.)

The immediate aim of such attacks is to bring down the targeted website, depriving Chinese users of access to copies of blocked sites (at least until new ones are set up). In the longer term, it may be to discourage foreign internet firms from hosting such “mirror” sites. Amazon’s cloud service, for example, hosts the Greatfire.org sites that were attacked. On March 27th GitHub’s administrators said they believed the purpose was to “convince” them “to remove a specific class of content”.

Whoever was behind the attacks, they are part of a wider Chinese challenge to the existing online order. Since the 1990s, when China first connected to the internet, its officials have been concerned both about America’s influence over it and about the difficulty of maintaining control of online content. The first systematic filtering of foreign websites began in 1996, after which the Great Firewall was built and repeatedly upgraded. For years it has blocked access to Facebook, Twitter, YouTube and the sites of some foreign news organisations, notably those that have investigated the finances of leaders’ families. Since Xi Jinping became the Communist Party’s general secretary in late 2012 the authorities have clamped down even more, much as they have on voices offline.

This year officials have stepped up attempts to disrupt the use of virtual private networks (VPNs), which can be used to circumvent firewalls. They have become more assertive about what they regard as national sovereignty online, and have called on other countries to respect it. Breaches of online sovereignty might well include a foreign website giving Chinese users an alternative route to blocked content. In January the Cyberspace Administration of China (CAC), the regulator, said Greatfire.org was run by “anti-China” foreign forces. (The site does not disclose who or where its founders are.)

On March 31st Greatfire.org pinned the blame for the recent attacks on the CAC, saying that the Great Firewall could not have been used without its approval or that of Lu Wei, the minister in charge. But attribution is hard to prove. According to Nathan Freitas of the Berkman Centre for Internet & Society at Harvard University, there is no smoking gun implicating the Chinese government—but the authorities should be asked how they allowed critical internet infrastructure to be “compromised by criminals”. The Economist sought comment from CAC via its preferred means of communication, the fax, but has received no reply.