Home > Security > Data Security

Computerworld - An anonymous, loosey affiliated group that has been responsible for a series of recent distributed denial-of-service (DDoS) attacks against entertainment industry Web sites over copyright issues, has started attacking organizations viewed as being hostile to WikiLeaks, says a PandaLabs researcher.

The group, dubbed Anonymous, launched a DDoS attack on Monday that knocked out Swiss payment transaction firm PostFinance's Web site.

The attack was in apparent retaliation for the firm's freezing of an account set up by WikiLeaks founder Julian Assange, said Sean-Paul Correll, a threat researcher at PandaLabs, which is an international network of virus research and technical support centers.

PostFinance's main Web site was unavailable for several hours but appeared to have been restored by late Monday afternoon.

The attack on PostFinance was preceded by one against PayPal's blog site over the weekend, Correll said. That attack was apparently prompted by PayPal's decision to cut off money services to WikiLeaks last week, after WikiLeaks started releasing thousands of classified diplomatic cables written by U.S. State Department officials.

The PayPal attack began at 4.00 a.m. Pacific time on Saturday and resulted in the blog being unavailable for a total of more than eight hours, Correll said.

Meanwhile, Anonops.net, a site that Anonymous has used to announce its attack plans, came under a massive DDoS attack earlier on Monday, apparently by those opposed to WikiLeaks. In an ironic twist, users attempting to reach the Anonops site were being redirected to PostFinance's Web site late Monday evening.

A lengthy statement posted on the anonymous group's Web site listed several organizations that the group claimed had stifled WikiLeaks' effort to release the documents. "We will find and will attack those who stand against Wikileaks and we will support WikiLeaks in everything they need," the statement said.

Anonymous said it will offer WikiLeaks an additional site for mirroring the leaked documents. The group also claimed that it will create 'counter-propaganda' and organize DDoS attacks on "various targets related to censorship."

Anonymous' campaign over copyright enforcement issues, known as Operation:Payback, has resulted in DDoS attacks that have knocked out sites belonging to the Recording Industry Association of America, the Motion Picture Association of America and others.

In the statement announcing support for Assange, the organizers of Anonymous declared that "Operation:Payback has come out in support of WikiLeaks and has declared war on the entities involved in censoring [their] information."

The online tussle between those opposed to WikiLeaks' campaign and those supporting it highlights how the Internet is increasingly becoming the battleground for all sorts of causes, Correll said.

"People are starting to figure out they can use technology to fight back," he said. "They have realized they don't have to just stand in a picket line. This has been going on for a few years, but it's getting more organized."

WikiLeaks began releasing tens of thousands of classified cables from the U.S. Department of State last Sunday. After a massive DDoS against its French hosting firm rendered the site unavailable for several hours, WikiLeaks quickly moved to Amazon's cloud hosting service last Monday.

Just two days later, Amazon booted WikiLeaks off its servers, forcing WikiLeaks to move its site once again, this time to a Swedish hosting company.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at  @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is jvijayan@computerworld.com.

Read more about Data Security in Computerworld's Data Security Topic Center.