The New York Times
Cyberattackers Focus on Assange Enemies
By RAVI SOMAIYA and JOHN MARKOFF
December 8, 2010
LONDON — A small army of activist hackers orchestrated a broad campaign of cyberattacks on Wednesday in support of the beleaguered antisecrecy organization WikiLeaks, which has drawn governmental criticism from around the globe for its release of classified American documents and whose founder, Julian Assange, is being held in Britain on accusations of sex offenses.
Targets included Mastercard.com, which had stopped processing donations for WikiLeaks; Amazon.com, which revoked server space from the group; the online payment service PayPal, which cut off its commercial cooperation, and the lawyer representing the two Swedish women who have accused Mr. Assange in the sex case. The hackers also accused Visa of stopping the processing of donations for Wikileaks, and Visa.com was also affected.
By Wednesday afternoon, a counterattack had begun with Netcraft, a British Internet monitoring firm, reporting that the Web site being used by the hackers to distribute denial-of-service software had been suspended by a Dutch hosting firm, Leaseweb.
The hackers — a loosely affiliated group who call themselves Anonymous — continued to give instructions for the denial of service attacks via a Twitter account until it was suspended later in the afternoon.
Anonymous had vowed to take revenge on any organization that lined up against WikiLeaks. The group claimed responsibility for at least the Mastercard attack, and, according to one activist associated with the group, was conducting multiple other attacks.
That activist, Gregg Housh, said in a telephone interview that 1,500 people were on online forums and chatrooms including Anonops.net, mounting mass and repeated “denial of service” attacks on sites that have moved against Mr. Assange and WikiLeaks in recent days.
The hacker army has rallied around the theory that all the actions against the organization and against Mr. Assange, including the rape accusations, are politically motivated efforts to silence those challenging authority.
“To all of us,” Mr. Housh said, “there is no distinction. He is a political prisoner and the two things are completely entwined.”
In an online chatroom at Anonops.net, activists who announced their nationalities from around the world — “hello from Sierra Leone” — “hi from Austria” — talked openly of the attacks and said they would need 5,000 people to effectively paralyze PayPal. Many also plotted a rumor campaign to further destabilize Mastercard — suggesting that others spread stories that credit card numbers were not safe.
Mr. Housh said there had been talk among the hackers of a campaign against Mr. Assange’s Swedish accusers, but that it remained “a touchy subject, so a lot of people don’t want to be involved.”
The women were named on Web sites supportive of Mr. Assange just a few days after their allegations surfaced in late August. But a Web search shows new blog posts in recent days that name the women and try to discredit them. It was not clear whether there was any link to Anonymous, or to a concerted campaign of any kind. Swedish law precludes the naming of the women, and the authorities have referred to them so far only as Ms. A and Ms. W.
Meanwhile, a spokesman for Mastercard confirmed that the company’s Web site was brought down as a result of “a concentrated effort to flood our corporate Web site with traffic and slow access,” but said that card transactions were not compromised. The company, he said, was making concerted efforts to get its site back up, and security teams were working to prevent further outages. The initial decision to deny service to WikiLeaks, he said, was “Mastercard’s alone,” and was not made under government pressure.
Visa issued a statement late Wednesday afternoon saying that its Web site was “experiencing heavier than normal traffic” though it did not say why. The company said that it was “taking steps to restore the site to full operations within the next few hours" and that its payment processing network, which handles cardholder transactions, was functioning normally.
A PayPal representative confirmed a series of attacks, but said that while the Website had been slowed, it remained “fully operational.”
PostFinance, the Swiss postal system’s financial arm, which closed Mr. Assange’s account after saying he provided false information by saying that he resided in Switzerland, was also under attack Wednesday. Marc Andrey, a spokesman for PostFinance, said that the company had been under serious assault, “an overload organized by friends of WikiLeaks we think,” since Monday evening. The attack blocked the Web site for several hours, and it remains unstable, he said. The company has taken active security measures and is bracing itself for another battle.
Mr. Housh, who has worked on previous campaigns with Anonymous but disavows any illegal activity himself, said it was the first time the group had enough firepower to bring down well-secured blue chip companies like Mastercard. “No tactics have changed this time,” he said, “but there is so much support and there are so many people doing it that sites like that are going down.”
The Anonymous group, which gained notoriety for their cyberattacks on targets as diverse as the Church of Scientology and the rock musician Gene Simmons, released two manifestos over the weekend vowing revenge on those who moved against WikiLeaks after the organization’s recent release of classified diplomatic documents from a cache of 250,000 it had obtained.
“We fight for the same reasons,” said one. “We want transparency and we counter censorship.”
Mr. Assange, a 39-year-old Australian, was jailed in Britain on Tuesday after being denied bail in a London court hearing on a warrant for his extradition to Sweden to face accusations of sexual offenses. His accusers have said that consensual encounters became nonconsensual when condoms were no longer in use; in the Tuesday hearing, the court heard the allegation that Mr. Assange had unprotected sex with one of the women as she was sleeping.
On the courthouse steps, his lawyer, Mark Stephens, told reporters that support shown for Mr. Assange and WikiLeaks so far was “the tip of the iceberg.”
In words that now seem prophetic, he added that the battle for WikiLeaks and its founder’s future was “going to go viral.”
Some Internet experts drew a distinction between cyberattacks and what they call “hacktivism,” saying the Anonymous moves were more aptly described as the latter. “These are not attacks by national states or criminals,” Marc Rotenberg, director of the nonprofit Electronic Privacy Information Center in Washington, wrote in an e-mail. “They are launched by political protesters who are seeking to disrupt business activity much like those who have engaged in boycotts and other forms of political protest have done in the past. So far, the protests appear peaceful, with the aim to be disruption of activity rather than actual destruction of property.”
Twitter, which was threatened with attack by the 4chan Web site for blocking discussions of WikiLeaks, issued a statement early in the day saying that it had not censored any of the terms related to the controversy.
“Twitter is not censoring #wikileaks, #cablegate or other related terms from the Trends list of trending topics,” the company said in a statement. “Our Trends list is designed to help people discover the ‘most breaking’ breaking news from across the world, in real-time. The list is generated by an algorithm that identifies topics that are being talked about more right now than they were previously.”
The company noted that a number of factors may come into play in determining which terms are identified by the Trends list.