[THS] !!!!!! The first great cyber war: WikiLeaks supporters ATTACK

[The Harder Stuff in news and commentary]

The first great cyber war

WikiLeaks supporters disrupt Visa and MasterCard sites in 'Operation Payback'

MasterCard and Visa attacked after restricting dealings with WikiLeaks – and hackers
say Twitter is next

http://www.guardian.co.uk/world/2010/dec/08/wikileaks-visa-mastercard-operation-
payback


Esther Addley and Josh Halliday
The Guardian, Thursday 9 December 2010

Supporters of Julian Assange in London. WikiLeaks supporters Anonymous have
launched a campaign of online attacks against perceived enemies. Photograph: Peter
Macdiarmid/Getty Images

It is, according to one breathless blogger, "the first great cyber war", or as those
behind it put it more prosaically: "The major shitstorm has begun."

The technological and commercial skirmishes over WikiLeaks escalated into a full-
blown online assault yesterday when, in a serious breach of internet security, a
concerted online attack by activist supporters of WikiLeaks succeeded in disrupting
MasterCard and Visa.

The acts were explicitly in "revenge" for the credit card companies' recent decisions
to freeze all payments to the site, blaming illegal activity. Though it initially would
acknowledge no more than "heavy traffic on its external corporate website",
MasterCard was forced to admit last night that it had experienced "a service
disruption to the MasterCard directory server", which banking sources said meant
disruption throughout its global business.

Later, Visa's website was also inaccessible. A spokeswoman for Visa said the site was
"experiencing heavier than normal traffic" and repeated attempts to load the
Visa.com site was met without success.

MasterCard said its systems had not been compromised by the "concentrated effort"
to flood its corporate website with "traffic and slow access". "We are working to
restore normal service levels," it said in a statement. "There is no impact on our
cardholders' ability to use their cards for secure transactions globally."

In an attack referred to as Operation Payback, a group of online activists calling
themselves Anonymous said they had orchestrated a DDoS (distributed denial of
service) attack on the site, and issued threats against other businesses which have
restricted WikiLeaks' dealings.

Also targeted in a dramatic day of internet activity was the website of the Swedish
prosecution authority, which is currently seeking to extradite the WikiLeaks founder,
Julian Assange, on sex assault charges, and that of the Stockholm lawyer who
represents them. The sites of the US senator Joe Lieberman and the former Alaska
governor Sarah Palin, both vocal critics of Assange, were also attacked and disrupted,
according to observers. Palin last night told ABC news that her site had been hacked.
"No wonder others are keeping silent about Assange's antics," Palin emailed ABC.
"This is what happens when you exercise the First Amendment and speak against his
sick, un-American espionage efforts."

An online statement from activists said: "We will fire at anything or anyone that tries
to censor WikiLeaks, including multibillion-dollar companies such as PayPal 
 Twitter,
you're next for censoring #WikiLeaks discussion. The major shitstorm has begun."
Twitter has denied censoring the hashtag, saying confusion had arisen over its
"trending" facility.

A Twitter account linked to the activists was later suspended after it claimed to have
leaked credit card details online.

Though DDoS attacks are not uncommon by groups of motivated activists, the scale
and intensity of the online assault, and the powerful commercial and political critics of
WikiLeaks ranged in opposition to the hackers, make this a high-stakes enterprise
that could lead to uncharted territory in the internet age.

A spokesman for the group, a 22-year-old from London who called himself Coldblood,
told the Guardian it was acting for the "chaotic good" in defence of internet freedom
of speech. It has been distributing software tools to allow anyone with a computer
and an internet connection to join in the attacks.

The group has already succeeded this week in bringing down the site of the Swiss
bank PostFinance, which was successfully attacked on Monday after it shut down one
of WikiLeaks' key bank accounts, accusing Assange of lying. A PostFinance
spokesman, Alex Josty, told Associated Press the website had buckled under a
barrage of traffic. "It was very, very difficult, then things improved overnight, but it's
still not entirely back to normal."

Other possible targets include Amazon, which removed WikiLeaks' content from its
EC2 cloud on 1 December, and EveryDNS.net, which suspended dealings with the
site two days later. PayPal has also been the subject of a number of DDoS attacks –
which often involve flooding the target site with requests so that it cannot cope with
legitimate communication – since it suspended all payments to WikiLeaks last week.

A PayPal spokesman told the Guardian that while a site called ThePayPalBlog.com had
been successfully silenced for a few hours, attempts to crash its online payment
facilities had been unsuccessful.

The site suggested today its decision to freeze payments had been taken after it
became aware of the US state department's letter saying WikiLeaks's activities were
deemed illegal in the US.

Tonight PayPal said that it was releasing the money held in the WikiLeaks account,
although it said the account remains restricted to new payments.

A statement from PayPal's general counsel, John Muller, sought to "set the record
straight". He said that the company was required to comply with laws around the
world and that the WikiLeaks account was reviewed after "the US department of state
publicised a letter to WikiLeaks on November 27, stating that WikiLeaks may be in
possession of documents that were provided in violation of US law. PayPal was not
contacted by any government organisation in the US or abroad. We restricted the
account based on our Acceptable Use Policy review. Ultimately, our difficult decision
was based on a belief that the WikiLeaks website was encouraging sources to release
classified material, which is likely a violation of law by the source.

"While the account will remain restricted, PayPal will release all remaining funds in
the account to the foundation that was raising funds for WikiLeaks. We understand
that PayPal's decision has become part of a broader story involving political, legal and
free speech debates surrounding WikiLeaks' activities. None of these concerns
factored into our decision. Our only consideration was whether or not the account
associated with WikiLeaks violated our Acceptable Use Policy and regulations required
of us as a global payment company. Our actions in this matter are consistent with
any account found to be in violation of our policies."

PayPal did not explain how WikiLeaks violated this policy in their statement and
requests for further information went unanswered.

There have been accusations that WikiLeaks is being targeted for political reasons, a
criticism repeated yesterday after it emerged that Visa had forced a small IT firm
which facilitates transfers made by credit cards including Visa and MasterCard, and
has processed payments to WikiLeaks, to suspend all of its transactions – even those
involving other payees. Visa had already cut off all donations being made through the
firm to WikiLeaks.

DataCell, based in Iceland, said it would take "immediate legal action" and warned
that the powerful "duopoly" of Visa and MasterCard could spell "the end of the credit
card business worldwide". Andreas Fink, its chief executive, said: "Putting all
payments on hold for seven days or more is one thing, but rejecting all further
attempts to donate is making the donations impossible.

"This does clearly create massive financial losses to WikiLeaks, which seems to be the
only purpose of this suspension. This is not about the brand of Visa, this is about
politics and Visa should not be involved in this 
 It is obvious that Visa is under
political pressure to close us down."

Operation Payback, which refers to itself "an anonymous, decentralised movement
that fights against censorship and copywrong", argues that the actions taken by Visa,
MasterCard and others "are long strides closer to a world where we cannot say what
we think and are unable to express our opinions and ideas. We cannot let this
happen. This is why our intention is to find out who is responsible for this failed
attempt at censorship. This is why we intend to utilise our resources to raise
awareness, attack those against and support those who are helping lead our world to
freedom and democracy."

The MasterCard action was confirmed on Twitter at 9.39am by user
@Anon_Operation, who later tweeted: "We are glad to tell you that
http://www.mastercard.com/ is down and it's confirmed! #ddos #WikiLeaks
Operation: Payback (is a bitch!) #PAYBACK"

The group, Coldblood said, is about 1,000-strong. While most of its members are
teenagers who are "trying to make an impact on what happens with the limited
knowledge they have", others include parents and IT professionals, he said.

Anonymous was born out of the influential internet messageboard 4chan in 2003, a
forum popular with hackers and gamers. The group's name is a tribute to 4chan's
early days, when any posting to its forums where no name was given was ascribed to
"Anonymous".

But the ephemeral group, which picks up causes "whenever it feels like it", has now
"gone beyond 4chan into something bigger", its spokesman said. There is no real
command structure; membership of the group has been described as being "like a
flock of birds" – the only way you can identify members is by what they are doing
together. Essentially, once enough people on the 4chan message boards decide
some cause is worth pursuing in large enough numbers, it becomes an "Anonymous"
cause.

"We're against corporations and government interfering on the internet," Coldblood
said. "We believe it should be open and free for everyone. Governments shouldn't try
to censor because they don't agree with it. Anonymous is supporting WikiLeaks not
because we agree or disagree with the data that is being sent out, but we disagree
with any from of censorship on the internet."

Last night WikiLeaks spokesman Kristinn Hrafnsson said: "Anonymous ... is not
affiliated with WikiLeaks. There has been no contact between any WikiLeaks staffer
and anyone at Anonymous. We neither condemn nor applaud these attacks. We
believe they are a reflection of public opinion on the actions of the targets."