Attacks by “Anonymous‿ WikiLeaks Proponents not Anonymous

Aiko Pras, Anna Sperotto, Giovane Moreira Moura, Idilio Drago, R.R.R. Barbosa, R. Sadre, R. de Oliveira Schmidt, R.J. Hofstede, Rick Hofstede

Research output: Book/ReportReport

Abstract

On November 28, 2010, the world started watching the whistle blower website WikiLeaks to begin publishing part of the 250,000 US Embassy Diplomatic cables. These confidential cables provide an insight on U.S. international affairs from 274 different embassies, covering topics such as analysis of host countries and leaders and even requests for spying out United Nations leaders. The release of these cables has caused reactions not only in the real world, but also on the Internet. In fact, a cyberwar started just before the initial release. Wikileaks has reported that their servers were experiencing distributed denial-of-service attacks (DDoS). A DDoS attack consists of many computers trying to overload a server by firing a high number of requests, leading ultimately to service disruption. In this case, the goal was to avoid the release of the embassy cables. After the initial cable release, several companies started severed ties with WikiLeaks. One of the first was Amazon.com, that removed the WikiLeaks web- site from their servers. Next, EveryDNS, a company in which the domain wikileaks.org was registered, dropped the domain entries from its servers. On December 4th, PayPal cancelled the account that WikiLeaks was using to receive on-line donations. On the 6th, Swiss bank PostFinance froze the WikiLeaks assets and Mastercard stopped receiving payments to the WikiLeaks account. Visa followed Mastercard on December 7th. These reactions caused a group of Internet activists (or “hacktivists‿) named Anonymous to start a retaliation against PostFinance, PayPay, MasterCard, Visa, Moneybrookers.com and Amazon.com, named “Operation Payback‿. The retaliation was performed as DDoS attacks to the websites of those companies, disrupting their activities (except for the case of Amazon.com) for different periods of time. The Anonymous group consists of volunteers that use a stress testing tool to perform the attacks. This tool, named LOIC (Low Orbit Ion Cannon), can be found both as a desktop application and as a Web page. Even though the group behind the attacks claims to be anonymous, the tools they provide do not offer any security services, such as anonymization. As a consequence, a hacktivist that volunteers to take part in such attacks, can be traced back easily. This is the case for both current versions of the LOIC tool. Therefore, the goal of this report is to present an analysis of privacy issues in the context of these attacks, and raise awareness on the risks of taking part in them.
LanguageUndefined
Place of PublicationEnschede
PublisherCentre for Telematics and Information Technology (CTIT)
Number of pages10
StatePublished - 10 Dec 2010

Publication series

NameCTIT Technical Report Series
PublisherUniversity of Twente, Centre for Telematics and Information Technology (CTIT)
No.TR-CTIT-10-41
ISSN (Print)1381-3625

Keywords

  • Anonymous
  • IR-75331
  • METIS-276244
  • EWI-19151
  • LOIC
  • WikiLeaks

Cite this

Pras, A., Sperotto, A., Moreira Moura, G., Drago, I., Barbosa, R. R. R., Sadre, R., ... Hofstede, R. (2010). Attacks by “Anonymous‿ WikiLeaks Proponents not Anonymous. (CTIT Technical Report Series; No. TR-CTIT-10-41). Enschede: Centre for Telematics and Information Technology (CTIT).
Pras, Aiko ; Sperotto, Anna ; Moreira Moura, Giovane ; Drago, Idilio ; Barbosa, R.R.R. ; Sadre, R. ; de Oliveira Schmidt, R. ; Hofstede, R.J. ; Hofstede, Rick. / Attacks by “Anonymous‿ WikiLeaks Proponents not Anonymous. Enschede : Centre for Telematics and Information Technology (CTIT), 2010. 10 p. (CTIT Technical Report Series; TR-CTIT-10-41).
@book{c3cf45137bb7403399ba1799248a697f,
title = "Attacks by “Anonymous‿ WikiLeaks Proponents not Anonymous",
abstract = "On November 28, 2010, the world started watching the whistle blower website WikiLeaks to begin publishing part of the 250,000 US Embassy Diplomatic cables. These confidential cables provide an insight on U.S. international affairs from 274 different embassies, covering topics such as analysis of host countries and leaders and even requests for spying out United Nations leaders. The release of these cables has caused reactions not only in the real world, but also on the Internet. In fact, a cyberwar started just before the initial release. Wikileaks has reported that their servers were experiencing distributed denial-of-service attacks (DDoS). A DDoS attack consists of many computers trying to overload a server by firing a high number of requests, leading ultimately to service disruption. In this case, the goal was to avoid the release of the embassy cables. After the initial cable release, several companies started severed ties with WikiLeaks. One of the first was Amazon.com, that removed the WikiLeaks web- site from their servers. Next, EveryDNS, a company in which the domain wikileaks.org was registered, dropped the domain entries from its servers. On December 4th, PayPal cancelled the account that WikiLeaks was using to receive on-line donations. On the 6th, Swiss bank PostFinance froze the WikiLeaks assets and Mastercard stopped receiving payments to the WikiLeaks account. Visa followed Mastercard on December 7th. These reactions caused a group of Internet activists (or “hacktivists‿) named Anonymous to start a retaliation against PostFinance, PayPay, MasterCard, Visa, Moneybrookers.com and Amazon.com, named “Operation Payback‿. The retaliation was performed as DDoS attacks to the websites of those companies, disrupting their activities (except for the case of Amazon.com) for different periods of time. The Anonymous group consists of volunteers that use a stress testing tool to perform the attacks. This tool, named LOIC (Low Orbit Ion Cannon), can be found both as a desktop application and as a Web page. Even though the group behind the attacks claims to be anonymous, the tools they provide do not offer any security services, such as anonymization. As a consequence, a hacktivist that volunteers to take part in such attacks, can be traced back easily. This is the case for both current versions of the LOIC tool. Therefore, the goal of this report is to present an analysis of privacy issues in the context of these attacks, and raise awareness on the risks of taking part in them.",
keywords = "Anonymous, IR-75331, METIS-276244, EWI-19151, LOIC, WikiLeaks",
author = "Aiko Pras and Anna Sperotto and {Moreira Moura}, Giovane and Idilio Drago and R.R.R. Barbosa and R. Sadre and {de Oliveira Schmidt}, R. and R.J. Hofstede and Rick Hofstede",
year = "2010",
month = "12",
day = "10",
language = "Undefined",
series = "CTIT Technical Report Series",
publisher = "Centre for Telematics and Information Technology (CTIT)",
number = "TR-CTIT-10-41",
address = "Netherlands",

}

Pras, A, Sperotto, A, Moreira Moura, G, Drago, I, Barbosa, RRR, Sadre, R, de Oliveira Schmidt, R, Hofstede, RJ & Hofstede, R 2010, Attacks by “Anonymous‿ WikiLeaks Proponents not Anonymous. CTIT Technical Report Series, no. TR-CTIT-10-41, Centre for Telematics and Information Technology (CTIT), Enschede.

Attacks by “Anonymous‿ WikiLeaks Proponents not Anonymous. / Pras, Aiko; Sperotto, Anna; Moreira Moura, Giovane; Drago, Idilio; Barbosa, R.R.R.; Sadre, R.; de Oliveira Schmidt, R.; Hofstede, R.J.; Hofstede, Rick.

Enschede : Centre for Telematics and Information Technology (CTIT), 2010. 10 p. (CTIT Technical Report Series; No. TR-CTIT-10-41).

Research output: Book/ReportReport

TY - BOOK

T1 - Attacks by “Anonymous‿ WikiLeaks Proponents not Anonymous

AU - Pras,Aiko

AU - Sperotto,Anna

AU - Moreira Moura,Giovane

AU - Drago,Idilio

AU - Barbosa,R.R.R.

AU - Sadre,R.

AU - de Oliveira Schmidt,R.

AU - Hofstede,R.J.

AU - Hofstede,Rick

PY - 2010/12/10

Y1 - 2010/12/10

N2 - On November 28, 2010, the world started watching the whistle blower website WikiLeaks to begin publishing part of the 250,000 US Embassy Diplomatic cables. These confidential cables provide an insight on U.S. international affairs from 274 different embassies, covering topics such as analysis of host countries and leaders and even requests for spying out United Nations leaders. The release of these cables has caused reactions not only in the real world, but also on the Internet. In fact, a cyberwar started just before the initial release. Wikileaks has reported that their servers were experiencing distributed denial-of-service attacks (DDoS). A DDoS attack consists of many computers trying to overload a server by firing a high number of requests, leading ultimately to service disruption. In this case, the goal was to avoid the release of the embassy cables. After the initial cable release, several companies started severed ties with WikiLeaks. One of the first was Amazon.com, that removed the WikiLeaks web- site from their servers. Next, EveryDNS, a company in which the domain wikileaks.org was registered, dropped the domain entries from its servers. On December 4th, PayPal cancelled the account that WikiLeaks was using to receive on-line donations. On the 6th, Swiss bank PostFinance froze the WikiLeaks assets and Mastercard stopped receiving payments to the WikiLeaks account. Visa followed Mastercard on December 7th. These reactions caused a group of Internet activists (or “hacktivists‿) named Anonymous to start a retaliation against PostFinance, PayPay, MasterCard, Visa, Moneybrookers.com and Amazon.com, named “Operation Payback‿. The retaliation was performed as DDoS attacks to the websites of those companies, disrupting their activities (except for the case of Amazon.com) for different periods of time. The Anonymous group consists of volunteers that use a stress testing tool to perform the attacks. This tool, named LOIC (Low Orbit Ion Cannon), can be found both as a desktop application and as a Web page. Even though the group behind the attacks claims to be anonymous, the tools they provide do not offer any security services, such as anonymization. As a consequence, a hacktivist that volunteers to take part in such attacks, can be traced back easily. This is the case for both current versions of the LOIC tool. Therefore, the goal of this report is to present an analysis of privacy issues in the context of these attacks, and raise awareness on the risks of taking part in them.

AB - On November 28, 2010, the world started watching the whistle blower website WikiLeaks to begin publishing part of the 250,000 US Embassy Diplomatic cables. These confidential cables provide an insight on U.S. international affairs from 274 different embassies, covering topics such as analysis of host countries and leaders and even requests for spying out United Nations leaders. The release of these cables has caused reactions not only in the real world, but also on the Internet. In fact, a cyberwar started just before the initial release. Wikileaks has reported that their servers were experiencing distributed denial-of-service attacks (DDoS). A DDoS attack consists of many computers trying to overload a server by firing a high number of requests, leading ultimately to service disruption. In this case, the goal was to avoid the release of the embassy cables. After the initial cable release, several companies started severed ties with WikiLeaks. One of the first was Amazon.com, that removed the WikiLeaks web- site from their servers. Next, EveryDNS, a company in which the domain wikileaks.org was registered, dropped the domain entries from its servers. On December 4th, PayPal cancelled the account that WikiLeaks was using to receive on-line donations. On the 6th, Swiss bank PostFinance froze the WikiLeaks assets and Mastercard stopped receiving payments to the WikiLeaks account. Visa followed Mastercard on December 7th. These reactions caused a group of Internet activists (or “hacktivists‿) named Anonymous to start a retaliation against PostFinance, PayPay, MasterCard, Visa, Moneybrookers.com and Amazon.com, named “Operation Payback‿. The retaliation was performed as DDoS attacks to the websites of those companies, disrupting their activities (except for the case of Amazon.com) for different periods of time. The Anonymous group consists of volunteers that use a stress testing tool to perform the attacks. This tool, named LOIC (Low Orbit Ion Cannon), can be found both as a desktop application and as a Web page. Even though the group behind the attacks claims to be anonymous, the tools they provide do not offer any security services, such as anonymization. As a consequence, a hacktivist that volunteers to take part in such attacks, can be traced back easily. This is the case for both current versions of the LOIC tool. Therefore, the goal of this report is to present an analysis of privacy issues in the context of these attacks, and raise awareness on the risks of taking part in them.

KW - Anonymous

KW - IR-75331

KW - METIS-276244

KW - EWI-19151

KW - LOIC

KW - WikiLeaks

M3 - Report

T3 - CTIT Technical Report Series

BT - Attacks by “Anonymous‿ WikiLeaks Proponents not Anonymous

PB - Centre for Telematics and Information Technology (CTIT)

CY - Enschede

ER -

Pras A, Sperotto A, Moreira Moura G, Drago I, Barbosa RRR, Sadre R et al. Attacks by “Anonymous‿ WikiLeaks Proponents not Anonymous. Enschede: Centre for Telematics and Information Technology (CTIT), 2010. 10 p. (CTIT Technical Report Series; TR-CTIT-10-41).