Latest News

Thursday, 9 December 2010

Amazon site unaffected by pro-Wikileaks attack

Attempts by online activists to bring down online retailer Amazon's website appear to have failed.

The group Anonymous had pledged to to attack the site at 1600 GMT but the site seems to be functioning normally.
The site was targeted because it withdrew services from whistle-blowing website Wikileaks
The tool through which attacks are carried out against websites perceived to be anti-Wikileaks has now been downloaded more than 31,000 times.
Security experts warned people to avoid joining the voluntary botnet.
Other targets of the loose-knit group Anonymous include Visa, Mastercard and Paypal.
The websites are targetting using the Anonymous attack tool known as LOIC. When a person installs the tool on their PC it enrols the machine into a voluntary botnet which then bombards target sites with data.
These distributed denial-of-service (DDoS) attacks are illegal in many countries, including the UK.
Social network Facebook confirmed that it had removed Operation Payback - as the campaign is known - from the site because it was promoting its attack tool.

Motivation
Anonymous member Coldblood told the BBC that he did not understand how firms such as Visa and Mastercard have decided that Wikileaks is illegal.
"We feel that they have bowed to government pressure. They say Wikileaks broke their terms and conditions but they accept payments from groups such as the Ku Klux Klan," he told the BBC.
He said that he has not personally taken part in the recent distributed denial-of-service (DDoS) attacks but explained the motives of those who have.
"Everyone is aware that they are illegal but they feel that it is a worthy cause and the possible outcome outweighs the risk," he said.

He said such attacks were only one tactic in its fight to keep the information being distributed by Wikileaks available.


In a twist to the story it has emerged that Amazon, which last week refused to host Wikileaks, is selling a Kindle version of the documents Wikileaks has leaked.
Anonymous have named the online retailer as its next target.
Earlier attacks against Visa and Mastercard knocked the official websites of the two offline for a while and resulted in problems for some credit card holders.
The attacks have been relatively small so far mustering less then 10 gigabits per second of traffic, said Paul Sop, chief technology officer at Prolexic which helps firms to defend themselves against the type of attack being employed by Anonymous.


"What's really wreaking havoc with these enterprises is how often the attackers can rotate the attack vectors," he said. "We see the attack complexity being more devastating as the mitigation technologies enterprises use can't filter out all these permutations."
Defending against an attack typically involves analysis to work out which ones are being employed. A tactic that may not work well in this case, he said.
"These Anonymous attacks are like riding a bull, they can change wildly and at a moment's notice," said Mr Sop.
Carole Thierault, a security researcher at Sophos, warned against getting involved with the Anonymous campaign.
"No-one, no matter how much you want to take part, should do this," she said. "It is very risky, and most probably illegal."
Ms Thierault said downloading and installing the LOIC attack tool was very risky.
"No-one should download unknown code on to their system," she said. "You're giving access to your computer to a complete stranger."

Coinciding ideals



As well as releasing the attack tool, the Anonymous group has also been active in helping to create mirror sites. To date there are over one thousand sites offering exact copies of the content on Wikileaks.
It is also ensuring the information is available on dark nets, heavily encrypted layers of the internet via which information can be extracted while remaining untraceable.
The DDoS attacks are the latest battle in a wider fight known as Operation Payback, which targets firms Anonymous sees as "misusing the internet".
Past targets include the music industry and law firms associated with the attempt to bring music pirates to book.
The new-found attention on Anonymous has led the group to publish its manifesto.
In it, it denies that it is a group of hackers.
"Anonymous is not an organisation...and it most certainly is not a group of hackers," it said.
"Anonymous is an online living consciousness, comprised of different individuals with, at times, coinciding ideals and goals."
It also keen to distance itself from Coldblood, who it said is not a spokesperson for the group.

No comments:

Post a Comment