< Hacktivists Wage Cyberwar on Behalf of WikiLeaks


Friday, December 10, 2010

BOB GARFIELD: Two weeks on, the ripples from the WikiLeaks release of diplomatic cables spread around the world. In Washington, legislation has been drafted with the potential to criminalize certain practices of WikiLeaks, but also journalism in general. Governmental agencies have sought to bar their employers from accessing WikiLeaks’ classified documents, now broadly accessible by everyone. Meanwhile, amid calls for the capture or execution of WikiLeaks’ founder Julian Assange from certain quarters of Capitol Hill, The New York Times reports that European papers are decrying hypocrisy in the land of free speech across the sea. And in Pakistan, faked cables indicting Indian intentions were planted in newspapers, possibly by Pakistani intelligence. And if things couldn't get any more complicated, the Swedish newspaper Dagens Nyheter reports that disaffected former WikiLeaks staffers will launch OpenLeaks, a WikiLeaks alternative, on Monday. All over the world, lines are being drawn in the battle among freedom of information absolutists, moderates and security-firsters. And first blood in this battle has now been drawn in cyberspace.

BROOKE GLADSTONE: This week, WikiLeaks’ founder, Julian Assange, turned himself in to British authorities to answer Swedish rape charges, but a group of avenging angels is still at large. Hackers known collectively as “Anonymous” have been launching online attacks against the perceived enemies of WikiLeaks. The weapon of choice: distributed denial of service, or DDOS attacks, illegally crashing servers by flooding them with data requests. Anonymous, formerly known for targeting anti-filesharing sites and Scientologists, this week attacked PayPal for deleting WikiLeaks’ account, Visa and MasterCard for blocking credit card transactions related to WikiLeaks and the Swiss bank PostFinance for seizing WikiLeaks’ accounts. Most recently, Anonymous threatened to go after Amazon for kicking WikiLeaks off its server. Anonymous calls its campaign of Internet sabotage “Operation Payback.” The Daily Beast’s Brian Ries has tracked the situation. Brian, welcome to the show.

BRIAN RIES: Thank you very much.

BROOKE GLADSTONE: So a distributed denial of service attack, that’s when you flood a website with a bunch of requests and messages and it just crashes the server?

BRIAN RIES: They're using what’s called a botnet, which is a whole group of computers around the world, some of them willing, some of them unwilling. You queue them up, you tell the computer to send data requests. This happens thousands and thousands of times, all at the same time. It crashes the servers. The websites go down. They just can't handle that surge of requests.

BROOKE GLADSTONE: And the fact is to launch a distributed denial of service attack is easier than it used to be, right?

BRIAN RIES: What’s made this one easy is there’s a program that they're all using, acronym LOIC, which stands for Low Orbit Ion Cannon, and it was developed back when they were attacking Scientology, that basically enables anyone to download it, click Go, and it puts you into this army of hacktivists and it starts making your computer send these requests towards the website that you’re trying to take down.

BROOKE GLADSTONE: The slogan of Anonymous is “We are Anonymous. We do not forgive. We do not forget. We are legion.” Are they legion?

BRIAN RIES: They are in the sense that they have this collective mentality where they work as one, but they're not legion in the sense that they're a coordinated group. When they launch these attacks, there are chat rooms where they organize them from. They do use the same software. But there’s no leader, there’s no order of ascension, should the leader be arrested, or whatever. It’s just for the most part a mass amount of people all acting with the same mission in mind.

BROOKE GLADSTONE: So they started with Scientology. Later on they attacked the motion picture industry’s website and the recording industry’s website. And, to use another Internet expression, they [LAUGHS] were doing it for the LOLS, which I guess is Internet-speak for “just for laughs.” But this isn't just for laughs, is it?

BRIAN RIES: No. For once, you know, it seems they're really, really doing it for an ethical reason. They believe strongly that freedom of information, freedom of speech is a fundamental part of the Internet, and this is what’s kind of motivating them, at this point in time. Before, you know, they didn't have the numbers that they have this time. When I was in the chat room when they were organizing it, there was maybe 90 to 100 people who had activated the program. Last I heard recently, there was upwards of a thousand people in this room using that program. And so, it’s just a like a snowball. It gets bigger and bigger and bigger, and they can always take down bigger and bigger sites.

BROOKE GLADSTONE: It’s like the mob going down the street in Frankenstein, gathering more and more people, carrying pitchforks and torches?

BRIAN RIES: Yeah, or like in a cartoon when you see that rolling ball of cats fighting and you see a claw come out once in a while.

[BROOKE LAUGHS] That’s what I envision here.

BROOKE GLADSTONE: [LAUGHS] Obviously, the group Anonymous has been out front and center this week defending WikiLeaks, but there are plenty of other factions in the hacker world that have gotten involved in this too.

BRIAN RIES: That's right. You know, there’s the highbrow hackers, they see Anonymous as kind of amateurs. They call them “script kiddies” because all they're doing is downloading this program and using it to attack these websites. The better hackers, the more experienced ones, are using more innovative ways, like setting up mirrors, per se, which is when they take the data on WikiLeaks and host it on their own servers, so that should WikiLeaks fall the data will live on. Emmanuel Goldstein, editor-in-chief of The Hacker Quarterly, told me how silencing your opponent is simply for people who have run out of ideas, which is his way of saying that good hackers will develop the tools necessary to keep the information flowing, keep speech alive and not trying to shut that down, just like WikiLeaks is being shut down.

BROOKE GLADSTONE: So initially The Jester attacked WikiLeaks, then Anonymous attacked the perceived enemies of WikiLeaks. Now there is a sort of counter-counter war going on against Anonymous, right?

BRIAN RIES: The website where they're hosting a lot of these tools, they've been attacked with their own DDOS attacks. They're not sure who from, they're not sure why. They figure it’s to silence them, to stop them from taking down these websites. Some of them told me they think it might be the Department of Defense, it could be security firms working for some of these companies that are hoping to disrupt the attacks. But it’s hard to say.

BROOKE GLADSTONE: Meanwhile, for better or for worse, WikiLeaks is now associated with a bunch of vigilante hackers who don't seem to have any qualms about bringing down the websites of those with whom they disagree. Do you think that the WikiLeaks association with these guys could actually end up hurting it?

BRIAN RIES: If WikiLeaks wants to be an organization that wants to promote free speech and freedom of information and no secrets, it’s gonna be hard to have a bunch of supporters who are out there trying to silence their own opposition.

BROOKE GLADSTONE: It does seem like the image of WikiLeaks keeps changing.

BRIAN RIES: It sure does, and Julian Assange’s role in it all keeps changing too. And he went from kind of a modest leader to a very strong leader, and now he’s become almost a hero for some of these activists.

BROOKE GLADSTONE: And a lunatic to others.

BRIAN RIES: And a lunatic [LAUGHS] and a pain in the side, and a criminal to others.

BROOKE GLADSTONE: Thanks very much, Brian.

BRIAN RIES: Thank you very much.

BROOKE GLADSTONE: Brian Ries writes for The Daily Beast. On Thursday, Dutch authorities announced that they had arrested a 16-year-old in connection with the Anonymous attacks on Visa and MasterCard.