BOSTON — They’re calling it a global “cyberwar.” Among the victims: Visa, MasterCard, PayPal, Swiss bank PostFinance, and now the Swedish government. Among the attackers: Hackers from Chile to Norway to New Zealand.
“The fact that it’s so global is just a sign of the times. This type of operation has no borders,” says Gregg Housh, an unofficial spokesman for the loosely knit “hactivist” group Anonymous, which is organizing the cyberattacks.
Hackers worldwide have launched what they call “Operation Payback” targeting companies that have cut off support for WikiLeaks or its beleaguered founder Julian Assange. On the Twitter feed for “Operation Payback,” the hackers today announced their next target: Amazon.com.
“The war is on,” said one person on the Anonymous chat forum WhyWeProtest.net, which Mr. Housh helped create in 2008. The efforts so far have disrupted the websites of the targeted companies for brief periods of time, though it isn’t clear how much money – if any – it’s costing the companies.
While the Anonymous hackers have called this a “cyberwar” over Internet freedom and support for WikiLeaks, security specialist Bruce Schneier says this is not a “war” in any sense of the word. “It’s kids playing politics.”
Indeed, while Mr. Housh is in his mid-30s, many of the Anonymous participants are said to be teenagers.
The Swedish government’s official website, regeringen.se, was the latest to come under distributed denial of service (DDoS) attacks, which is when a mass of individual computers simultaneously attempt to access the same website, overloading and collapsing the website. A DDoS barrage overnight on Dec. 8 disabled the government website for several hours.
It came under attack because the government last month issued an arrest warrant for Mr. Assange on allegations of sexual assault, which he denies. He was arrested Dec. 7 in London and now faces possible extradition to Sweden. Assange’s lawyer has called the arrest a “political stunt.”
“In a lot of respects this has become a war. Assange is definitely thought of as a political prisoner,” says Housh in a telephone interview from Boston, where he works by day for a computer repair company. While intimately aware of Anonymous activities, Housh himself says he is only an observer at this time.
As pressure has come from the US government for WikiLeaks to cease operations, US companies have also dropped support for the site, which on Nov. 28 began publishing more than 250,000 secret US diplomatic cables.
On Dec. 1, Amazon.com refused to allow its web servers to host WikiLeaks any longer. (Ironically, Amazon’s UK website is now selling the WikiLeaks cables for the Kindle.) A day later, New Hampshire-based company EveryDNS.net refused to continue supporting the domain name WikiLeaks.org. On Dec. 3, the online payment service provider PayPal stopped processing donations to WikiLeaks. On Dec. 6, the Swiss bank PostFinance said it had frozen Assange’s account.
Some of those companies, in turn, have faced the wrath of hactivists who also call themselves “Anons” – short for Anonymous. PostFinance was disabled by DDoS attacks on Dec. 6. PayPal has reported slower services because of DDoS attacks. The websites for MasterCard and Visa were down for several hours Dec. 8.
“Anons have been organizing attacks on various sites,” confirms Mr. Housh.
But who is Anonymous? Housh says the loose-knit group is composed of anyone who joins an Anonymous online message board, shows up for an Anonymous event, or joins in Anonymous projects. The Guardian, attempting to describe the group, writes that “the membership of Anonymous is impossible to pin down; it has been described as being like a flock of birds – the only way you can identify members is by what they’re doing together.”
A spokesman for Anonymous in London who goes by the name “Coldblood” – and whom Housh knows – told the BBC today that “more and more people are joining and helping in” Operation Payback.
“I see this as becoming a war but not your conventional war. This is a war of data, we are trying to keep the Internet open and free for everyone, just the way the Internet has been and always was,” he said.
And in a now widely circulated open letter to the world, Anonymous has spoken:
“We are not a terrorist organization as governments, demagogues, and the media would have you believe. At this time Anonymous is a consciousness focused on campaigning peacefully for Freedom of Speech. We ask the world to support us, not for our sake, but for your own.
“… Pay attention citizens, governments, and the world. Anonymous’ peaceful campaign will focus on any organization, corporation, government, or entity until the Internet is truly free.”
Suspicions are in the air over what site might be the next to come under attack.
“If the big companies weren’t locking down their information before, they’re definitely doing it now,” Carole Theriault, a senior security consultant at a computer security firm Sophos, told The Telegraph: “This is really unprecedented and Amazon could be next.”
Whether the hackers succeed in downing Amazon, says security expert Mr. Schneier, depends on the volume of traffic that Amazon.com is able to handle and the barrage of DDoS attacks that Anonymous delivers.
“If the attacker has a bigger pipe than the defender, then the attacker wins,” he says. “It all depends on the size of the pipe.”