Tags: Hackers, MasterCard, Visa, WikiLeaks

Cyberwar Threat from WikiLeaks Hackers Overblown

[Editor's Note: We want to hear from you! Do you have a comment, suggestion, story idea or a question? Let us know at [email protected]. (**) And be sure to check back for responses to reader questions and comments.]

By , Associate Editor, Money Morning

WikiLeaks supporters have unleashed disruptive cyber attacks on a number of Web sites to get revenge on companies disassociating from the controversial non-profit media group and its founder, Julian Assange.

Since Nov. 29 WikiLeaks has released 250,000 confidential documents detailing U.S. diplomatic interactions with other nations, prompting a number of companies to cut ties with the group - though none have claimed government pressure encouraged them to do so.

The release has caused a freedom of information debate, with some supporting the documents' release and others calling it an act of terrorism.

The situation escalated when Assange turned himself in to United Kingdom police Wednesday after Swedish prosecutors issued a warrant for his arrest on charges of sexual misconduct.

MasterCard Inc. (NYSE: MA), the world's second-biggest payments processor, decided this week to block its network use by WikiLeaks in light of growing controversy surrounding the group. The company's decision was followed Wednesday with a denial-of-service attack by a group of Internet hackers calling themselves "Anonymous." Distributed denial-of-service (DDoS) attacks occur when a site is flooded with traffic and requests that disable computer servers.

The MasterCard Web site was offline for several hours as part of the group's "Operation Payback," a cyber assault in which it sought to defend WikiLeaks and attack corporate control of the Internet.

"The issue appears to be the result of a concentrated effort to flood our corporate website with traffic and slow access," MasterCard spokesman James Issokson told Bloomberg. "[T]here is no impact on our cardholders' ability to use their cards for secure transactions globally."

"Anonymous" also took credit for sidelining Visa Inc.'s (NYSE: V) Web site later that day. The site's home page was down for less than an hour and the company said in a statement its payment processing was unaffected.

The increasing Internet disruptions - dubbed by some as the start of a cyberwar - prompted the following letter from a concerned Money Morning reader.

WikiLeaks seems to be having serious impact on financial institutions such as MasterCard and it appears likely to spread. How serious is it? What's about to happen to financial markets? Is anybody safe?

- Leo Q.

Experts so far have said that the cyberwar has been more of a frustrating disruption than alarming attack.

Cyber-security expert Bruce Schneier said the type of attack was common, "and a not particularly interesting one at that…It's kids playing politics, no threat whatsoever."

But the hacktivists' actions haven't gone without some consequences. The United Kingdom's online payment processing company SecureTrading said Internet attacks made SecureCode, the private code service needed for account holders to make online purchases, unavailable for up to six hours Wednesday.

"This is one of the biggest trading days in the Internet shopping calendar," Jon Prideaux, deputy chief executive of SecureTrading, told the Financial Times. "This is an extremely bad time for this to happen."

The cyberwar is similar to a widespread DDoS attack in February 2000, when e-commerce and media sites belonging to Amazon.com Inc. (Nasdaq: AMZN), Ebay Inc. (Nasdaq: EBAY) and CNN were disabled and online retailers suffered losses. The losses now could be much more substantial with online purchases constituting a more significant percentage of holiday shopping.

The credit card companies aren't the only online businesses to cut ties with controversial WikiLeaks.

Ebay's PayPal unit blocked WikiLeaks this week, saying it violated the online payment company's acceptable use policy. PayPal's blog was shut down by attacks for more than eight hours.

Amazon.com claimed WikiLeaks violated terms of service and dropped it from Amazon.com's web-hosting service last week, prompting the hackers to post a Twitter message targeting the online retailer: "TARGET: WWW.AMAZON.COM LOCKED ON!!!"

Swiss bank PostFinance closed an account held by Assange claiming he didn't qualify to be a client. A Web site attack followed that prevented clients from making transactions for more than 11 hours.

The hackers coordinated attacks through Facebook and Twitter accounts, which have been removed by the online social networking sites. Operation Payback's Twitter account included a link to a file allegedly containing consumer credit card information.

But the hacktivists continue to create new accounts and are using separate chat rooms to communicate.

Anonymous published a "manifesto" online Thursday, saying it "most certainly is not a group of hackers," and that Operation Payback is a campaign "against those who seek to misuse the internet," and would be "now directed towards those who employ unfair means to fight WikiLeaks."

"The goal is simple," the group wrote. "Win the right to keep the Internet free of any control from any entity, corporation, or government."

The hacktivists have targeted a variety of sites, like ones belonging to WikiLeaks critic Sen. Joe Lieberman, D-CT, Republican Sarah Palin and the Swedish prosecutor investigating the allegations against Assange.

"The campaign is not over from what I've seen, it's still going strong. More people are joining," a hacktivist spokesman calling himself "Coldblood" told BBC Radio 4.

Technology experts say that although concerns remain low, the threats should encourage Internet service providers to be more active in securing network safety and blocking harmful computers like those involved in Operation Payback's attacks.

"We need to drain the swamp of malicious activity," said Andy Purdy, former acting director of the National Cyber Security Division at the U.S. Department of Homeland Security.

(**) Money Morning editors reserve the right to edit responses for grammar, length and clarity when posting on our Web site. Please include your name and hometown with your email.

News and Related Story Links: