Thursday, December 9, 2010

WikiLeaks Cyberwar: "Pro-WikiLeaks cyber army gains strength; thousands join DDoS attacks"


"Volunteers download attack tool, organizers recruit hacker botnets, say researchers"

"Computerworld - The retaliatory attacks by pro-WikiLeaks activists are growing in strength as hackers add botnets and thousands of people download an open-source attack tool, security researchers said today.

In recent days, distributed denial-of-service (DDoS) attacks have been launched against several sites, including those belonging to Amazon, MasterCard, PayPal and the Swiss payment transaction firm PostFinance, after each terminated WikiLeaks accounts or pulled the plug on services."

"Most of those participating in the attacks are using the LOIC (Low Orbit Ion Cannon) DDoS tool, said researchers with Imperva and Sophos.

The open-source tool, which is sometimes classified as a legitimate network- and firewall-stress testing utility, is being downloaded at the rate of about 1,000 copies per hour, said Tal Be'ery, the Web research team lead at Imperva's Application Defense Center.

"Downloads have soared in the last two days," said Be'ery in an interview. As of 4 p.m. ET, more than 44,000 copies of LOIC had been downloaded from GitHub.

LOIC has become the DDoS tool of choice in the pro-WikiLeaks attacks because users can synchronize their copies with a master command-and-control server, which then coordinates and amplifies the attacks.

"If I download [LOIC] and voluntarily set the server information, the command-and-control server can control my copy of LOIC," said Be'ery. "The command-and-control server can then sync the attack, which makes it much more powerful because the DDoS attacks are occurring at the same time and hitting the same target."

"In a new step in the campaigns, botnets -- armies of already-compromised computers that hackers control remotely -- are now being recruited for the DDoS attacks, said Beth Jones, a senior threat researcher with Sophos. "Until now, the attacks have been done by volunteers who download LOIC," said Jones. "But now more groups are joining in with their botnets."

Be'ery said that Imperva had seen IRC chatter of at least one 100,000-PC botnet being thrown into the attacks.

"Operators of these attacks have repeatedly asked on IRC if someone can donate botnets," said Be'ery. "It looks like they feel the need for some more horsepower."

The fact that the organizers of Operation Payback are soliciting more firepower is a clue that they're not able to match the defenses erected by the sites they've targeted, said Be'ery. "They're having a bit of a problem. PayPal and others are doing good work to keep their sites alive, so they're after more machines and telling people [participating in the DDoS attacks] to do what they're told and focus on the targeted sites.""

""What's really surprising is that so many people are willing to put themselves on the line legally," she said, pointing out that using a tool like LOIC to attack a site is illegal in most jurisdictions, including the United States.

"A more firm legal response may be helpful," Be'ery agreed. "I'm not even sure that everyone understands that what they're doing is illegal."

On Wednesday, Dutch police arrested a 16-year-old in The Hague for allegedly participating in the attacks against Visa, MasterCard and PayPal. The teen is to be arraigned in Rotterdam on Friday.

"The penny will drop when some of these guys are arrested," predicted Be'ery."
[blod mine - James]

ComputerWorld - Pro-WikiLeaks cyber army gains strength; thousands join DDoS attacks

Please do a click through on the above link to give them an ad hit - I have excerpted a large chunk of their article

----
"IDG News Service - Dutch authorities arrested a 16-year-old boy on Wednesday in relation to the cyberattacks against Visa, MasterCard and PayPal, which were aimed at punishing those companies for cutting off services to WikiLeaks.

The boy was arrested in The Hague, and he will be arraigned before a judge on Friday in Rotterdam, according to a press release from the Netherlands' Public Prosecution Service. The boy, whose computer equipment was seized, has allegedly confessed to taking part in the attacks.

The Public Prosecution Service said he is likely part of a larger group of hackers.

The arrest follows a series of distributed denial-of-service (DDOS) attacks aimed at websites that have been critical of WikiLeaks, which has been releasing portions of 250,000 secret U.S. diplomatic cables since late last month. The attacks seek to overwhelm websites and services by sending streams of meaningless traffic.

Part of the attacks originated in the Netherlands and the main site coordinating the attacks, anonops.net, was hosted in a Dutch data center in Haarlem. The site is down since police actions Wednesday."

ComputerWorld - Dutch arrest 16-year-old related to WikiLeaks attacks

----

Is this what a revolution feels like? Is this a revolution?

Is this the founding of a semi-independent online nation?


That's what anonymous wants. I wonder if the monarchies of France and England felt like the oligarchs that run the world right now when faced with the French Revolution and the American Revolution?

Were they as disdainful of the "peons" rising up? Were they just as sure that they could just crack down and everyone would fall back into line?

The internet is the largest and longest lived political anarchy in the history of humankind.

It has already changed our political and corporate governance structures in "meatspace". But is this rebellion the beginning of "self-awareness" of an online nation?

3 comments:

  1. It's old-school direct action. It's the internet equivalent of the general strike, combined with a bit of rough play. It's pretty damn exciting. Maybe these companies will start having second thoughts when their websites have been down for a week or two.

    ReplyDelete
  2. I'm sure that a lot of these hackers are self-absorbed narcissists.

    Hearing about one of their recent manifestos, I started thinking about how for all their bluster about how they own the internet and nobody can control it, China does a pretty good job of oppressing the internet. But then I thought, no, ... the access, the wide-open ability to take your money is what the entire internet is all about. The system can't live without access. If they want at our money and they want at our computers, then it must be, to some degree, to some opening, reciprocal.

    So these hackers never will go away.

    And yes, I think it's true that some of these folks don't know what they're doing is illegal. (Especially some of the teenagers.) I don't think they are all doing it for the right reasons. I don't think that these hackers are all heroes and sweethearts, i think some of them are dangerous, or spoiled, or deluded, or obnoxious, or whatever.

    But revolutions are seldom made by the rational and restrained.

    And in this case, I think they're on the side of the angels. And I hope they bring the villains in this story to their knees.

    ReplyDelete
  3. I agree

    ----

    Robespierre, Marat, and Danton were all deeply flawed individuals with any number of odd ideas and tendencies... the long term historical effect of their ideas and actions is substantial even when weighed against their simultaneous crimes against humanity.

    ----

    Even those who worked inside the system: (e.g) Woodsworth, Coldwell, Douglas - Trudeau, MacDonald - Johnson, King, Roosevelt - all real people with real flaws to accompany the change they wrought

    ReplyDelete