‘Hacktivists’ rally around WikiLeaks, attack corporate sites

Katherine Creel | Boulder Weekly

With the political pressure mounting, WikiLeaks is becoming too hot for some business to handle. Companies such as MasterCard, Visa and PayPal, which processed donations to the site, and Swiss bank PostFinance, which held the foundation’s account, have all cut ties with the controversial whistle-blowing site.


But while businesses may be stepping back from WikiLeaks, a group of politically motivated hackers has come forward in defense of the site and launched Operation Payback.

Known collectively as Anonymous, the group has made retaliatory attacks on the websites of businesses they claim have “abandoned” WikiLeaks due to political pressure. So far, the group, which has no affiliation with WikiLeaks itself, has reportedly hit Visa, MasterCard, PayPal, PostFinance and other organizations with distributed denial-of-service (DDoS) attacks, which can temporarily shut down a website. PostFinance and PayPal were among the earliest hit in Operation Payback, followed by MasterCard and Visa.

In an online manifesto published by the group, Anonymous says it is “actively campaigning for the free flow of information,” and is “against anyone who supports censorship, such as those who are responsible for the silencing of WikiLeaks.” Kristinn Hrafnsson, spokesman for WikiLeaks, said in a statement, “We neither condemn nor applaud these attacks. We believe they’re a reflection of public opinion on the actions of the targets.”

DDoS attacks work by flooding a website with more data than it can handle, temporarily shutting it down, or making it so slow as to be unusable. Because of the large amount of resources needed to clog a site, hackers generally use a botnet, a network of remotely controlled computers, to carry out the attacks.

John Black, an associate professor of computer science at the University of Colorado at Boulder, says DDoS attacks are nearly impossible for companies to defend against because there is no way for websites to differentiate between legitimate user data and data being dumped by a DDoS attack.

“A well-conducted DDoS attack is indistinguishable from legitimate traffic,” he said. “You can’t filter these kinds of packets [of data] because this one is clearly malicious and this other one is clearly a customer trying to buy something. You can’t tell the difference.”

One of the only ways to counter the influx of data is with more bandwidth, which is generally too expensive for most companies. This leaves companies like MasterCard, which generally only see a moderate amount of Internet traffic, more vulnerable to attack than sites like Amazon.com, which has massive amounts of bandwidth at its disposal.

What sets Operation Payback apart from conventional DDoS attacks is the public, voluntary and political nature of the campaign. Rather than surreptitiously infecting users’ computers, Anonymous is asking users themselves to download the software for the DDoS attack and voluntarily join the attacks.

“The old and traditional model is that these black hats, these trouble makers, will use a virus or a worm to break into thousands of machines [and] set up their software themselves, rather than have it voluntary,” Black says. “This the first time that I’ve ever heard of people volunteering their own personal resources — in this case their computer and their bandwidth — to join some cause as part of a botnet that they don’t actually understand the technology. They’re just saying ‘Yeah, I’ll download this thing and run it.’” The tool reportedly has been downloaded more than 80,000 times so far.

As of this week, Anonymous has reportedly changed tactics, launching Operation Leakspin, a website that aims to summarize and publicize more of the leaked cables.