WikiLeaks avengers unlikely to hurt Amazon or Visa, expert says
08.12.10 @ 09:28
BRUSSELS - Hackers who have vowed to punish firms such as Amazon, Visa, MasterCard and PayPal for cutting off WikiLeaks are unlikely to do much damage unless they link up with organised crime, a British expert on cyber security has said.
"This group could obtain the power to do something seriously damaging. But it would cost them a lot of money. They are more likely to temporarily increase the flow of traffic to these companies' websites, which would increase their costs but would not seriously disrupt normal services," Tony Dyhouse, an expert for UK think-tank Digital Systems Knowledge Transfer Network, who advises the British intelligence services on cyber security, told EUobserver on Tuesday (6 December).
Mr Dyhouse explained that a mass-scale denial-of-service (DoS or DDoS) attack would require hackers to hire giant botnets (networks of computers which are controlled by third parties to send spam to targets) from the organised crime groups which control the majority of DoS capabilities available on the Internet today.
"Currently the largest numbers of compromised machines lie in the hands of organised crime, because they are used for phishing [identity theft] and spam. Over the past six years or so, organised crime has hired all the best hackers. Organised crime got into the game when they realised how much money they could make."
Mr Dyhouse's remarks come after one group of hackers, called Anonymous, publicly vowed to take revenge on the anti-WikiLeaks companies in the name of freedom of information on the Internet.
The British expert says "nobody knows" who Anonymous really are: "These groups start up quickly in chat rooms because of a shared interest. Some people have suggested there is US state influence behind the Amazon and PayPal decisions. They have perceived a form of censorship, of Big Brother activity, so they agreed to work together on this ... These people have a vested interest in protecting the anonymity and freedom of the Internet, so anything that threatens that, they will pick up on it."
With WikiLeaks publishing a further 100-or-so classified US cables on Wednesday morning despite the arrest of Cablegate mastermind Julian Assange on Tuesday, Mr Dyhouse said there is very little the US can do to stop further disclosures and nothing it can do to remove the content already in the public domain.
"The central repository of information - we don't know where it's gone, where it's been sent. He's very likely to have given the entirety of the information to a number of people. Once information has been released, once it's in the wrong hands, you can't get it back," he said, noting that encrypted zip files purportedly containing all 250,000 Cablegate texts are doing the rounds on the web. "The information that's been published is now in storage areas all over the world, you can never get it back."
He added that while no network is entirely secure from individuals who want to steal information, US security services could have handled the situation better.
"You would have to ask about processes. Connection to a classified network in the UK is extremely difficult. I would ask how is it somebody managed to connect a device, a CD, to a secure network in the first place? There should be traces on a network of somebody downloading large amounts of material. How come they didn't see this massive downloading?"
Commenting on the impact of the leaks so far, US state department spokesman Philip J. Crowley on Tuesday said a recent WikiLeaks release of a US list of "critical infrastructure" around the world "is providing a targeting list to a group like al-Qaeda." He added that Washington does not plan a large-scale reshuffle of compromised diplomats, but admitted that some foreign postings may be affected: "We are hopeful that no changes will be necessary. We do recognize that on a country-by-country basis, there could well be some impacts."
Mr Crowley did not rule out that the US will ask the UK to extradite Mr Assange but said there are limits to the action that Washington is willing to take: "We are mindful of the fact that we do have a Constitution, that enshrined in that Constitution is freedom of the press. We respect that, even as we have concerns about how it is exercised," he said.
Meanwhile, two leaked US cables about the cyber war on Estonia in 2007 show the difficulties which governments face in repelling a well-put-together Internet assault.
The US investigations into the events said that Estonian cyber security services were able to avoid the worst in part due to intercepting hackers' conversations on Russian-language websites. An unidentified source told the US embassy in Tallinn that the attack could not have been stopped and that the identity of the main protagonist may never be proved, however.
"[The source] opined that it is not technically feasible to prevent attacks of this nature, no matter how sophisticated a country's cyber-defenses are," one cable said. "No 'smoking gun incriminating Moscow has turned up and likely won't," the second cable added.