Thursday, December 9, 2010

Hackers Target WikiLeaks 'Enemies': Mastercard, Twitter, Paypal, Even FoxNews.com

In an unprecedented assault described variously as civil disobedience or criminal hacking, supporters of WikiLeaks struck out Wednesday at perceived enemies of the site and its jailed founder Julian Assange, launching hack attacks against MasterCard, Swedish prosecutors, and others -- and promising future attacks against Twitter, PayPal and even FoxNews.com.

http://img593.imageshack.us/img593/7200/1291659886233.png

The "hacktivists," operating under the label Operation: Payback, claimed responsibility in a Twitter message for causing the outages at MasterCard, which pulled the plug on its relationship with WikiLeaks on Tuesday. An online poster put out by the campaign makes its goals explicit.

"We will fire at anyone or anything that tries to censor WikiLeaks, including multi-billion dollar companies such as PayPal. Twitter, you're next for censoring #wikileaks discussion." 
"The major shittstorm has begun," the poster reads. 

MasterCard was the first to experience issues. The site remains disabled following attacks, though the company would not confirm to the Associated Press whether WikiLeaks was involved. Spokesman James Issokson said MasterCard was trying to restore service Wednesday but was not sure how long that would take. (The website's technical problems have no impact on consumers using credit cards for secure transactions, he added.)

This type of online activism is simply unprecedented, said Chester Wisniewski, senior security advisor of security firm Sophos

"This is the first time we're seeing mass civil unrest on the Internet, Wisniewski told FoxNews.com. "We haven't really seen a public uprising like this before. And it's a surprise to a lot of the public that the Internet is that fragile, that individual people can have an impact like that."

Due to the sprawling nature of the Internet, this type of assault is relatively easy to carry out and succeed at, he noted. "The reality is the Internet wasn't ever designed to be the scale and scope that it is today," Wisniewski said.

MasterCard is the first in a string of U.S.-based Internet companies targeted by "denial of service" attacks in which computers across the Internet are harnessed -- sometimes surreptitiously, sometimes intentionally -- to jam target sites with mountains of requests for data, knocking them out of commission.
Most of the hacks to date have been orchestrated through the use of a free, downloadable tool called LOIC; short for "low orbit ion cannon," the tool enables ordinary people to participate in targeted assaults on websites. The current target is identified on the Operation: Payback website, while a separate page lists a wide range of potential targets. The group lists the BBC, FoxNews.com, CNN.com, Amazon, and others as potential targets.

But Wisniewski is quick to point out that sites currently in the crosshairs are easy targets; a larger site like FoxNews.com or the Washington Times would be hosted on a wide range of servers, and consequently much harder to take down.

"The Mastercard website is really just a branding presence, not something that's really super secure or well protected. And Twitter -- on the best of days I get failwhales," he told FoxNews.com, referencing the well-known image meant to indicate that the site's servers are overwhelmed.

He also stressed the uniqueness of the citizen activism and uprising of the current events, which many participants may regard as an act of civil disobedience. It may also be illegal. 

"In the United States, yes, it would be a breach of the Computer Fraud and Abuse Act to intentionally attack a website in the U.S. with the intent of denying service," Wisniewski said. It is impossible to ascertain how many people are currently participating in the attacks, however, so there is no way to tell whether there are only a handful of people or thousands.
And it's equally challenging to defend against. 
"Denial of service is very difficult to defend against when you have a massive volume of people," Wisniewski told FoxNews.com.

Per Hellqvist, a security specialist with the firm Symantec, said a loose network of web activists called Anonymous appeared to be behind many of the attacks. The group, which has previously focused on the Church of Scientology and the music industry, has promised to come to Assange's aid by knocking offline websites seen as hostile to WikiLeaks.

"While we don't have much of an affiliation with WikiLeaks, we fight for the same reasons," the group said in a statement on its website. "We want transparency and we counter censorship. ... This is why we intend to utilize our resources to raise awareness, attack those against and support those who are helping lead our world to freedom and democracy."

Ironically, microblogging site Twitter -- home of much WikiLeaks support -- could become the next target. Operation Payback posted an online statement claiming "Twitter you're next for censoring Wikileaks discussion."

Some WikiLeaks supporters accuse Twitter of preventing the term "WikiLeaks" from appearing as one of its popular "trending topics." Twitter denies censorship, saying the topics are determined by an algorithm.
WikiLeaks angered the U.S. government earlier this year when it posted a war video taken by Army helicopters showing troops gunning down two unarmed Reuters journalists. Since then, the organization has leaked some 400,000 classified U.S. war files from Iraq and 76,000 from Afghanistan that U.S. military officials say included names of U.S. informants and other information that could put people's lives at risk.

The latest leaks involve private U.S. diplomatic cables that included frank U.S. assessments of foreign nations and their leaders.

Those cables have had serious repercussions for the United States, embarrassing allies, angering rivals, and reopening old wounds across the world. State and Defense department officials say foreign powers have been pulling back from their dealings with the U.S. government since the documents hit the Internet.
The latest batch of cables released Wednesday showed that the British government feared a furious Libyan reaction if the convicted Lockerbie bomber wasn't set free and expressed relief when they learned that he would be released in 2009 on compassionate grounds.

Meanwhile, Assange faces a new extradition hearing in London next week, in which his lawyers say they will reapply for bail. The 39-year-old Australian denies two women's allegations in Sweden of sexual misconduct, which includes rape, molestation and unlawful coercion, and is fighting his extradition to Sweden.

In a Twitter message Wednesday, WikiLeaks spokesman Kristinn Hrafnsson shrugged off all the challenges and noted that the site is mirrored in over 500 locations by supporters.
"The latest batch of cables were released and our media partners released their next batch of stories," Hrafnsson said. "We will not be gagged, either by judicial action or corporate censorship ... WikiLeaks is still online."

0 comments:

Post a Comment