December 15, 2010 : Big business declares war on WikiLeaks, hactivists respond
Big business declares war on WikiLeaks, hactivists respond
The websites of financial and technological companies that cut off services to whistleblowing website WikiLeaks have come under attack by supporters of transparency and openness across the world, in a coordinated campaign codenamed 'Operation Payback'. The companies, which include Amazon, PayPal, MasterCard, Visa and PostFinance, seem to have taken the arguably unlawful measures under pressure from the US government. The loose group of hactivists behind the attacks, known as Anonymous, had vowed to continue their 'digital sit-in' demanding total freedom of the Internet.
The state-corporate war on WikiLeaks follows legal and illegal attempts to take its website down, which were countered by supporters setting up numerous mirrors of the site; cyber attacks by what appears to be US government-sponsored hackers; and the politically motivated arrest of WikiLeaks founder, Julian Assange, in London over alleged sex charges he once faced in Sweden.
State-corporate alliance against WikiLeaks
Soon after - and even before - WikiLeaks started the release of 250,000 US diplomatic cables on 28th November, the whistleblowing site and its founder, Julian Assange, came under pressure on all fronts by a government-corporate alliance that tried every trick in the book to suppress the leaking of the embarrassing documents and punish those responsible.
As the hacking and media attacks proved futile - thanks to hundreds of mirrors that mushroomed all over the web and the synchronised publication of the cables by many mainstream media outlets - the US and other governments called upon their traditional allies, multinational companies providing financial and technological services, to cut off all links with WikiLeaks in an attempt to strangle it.
On 1st December, US senator Joe Lieberman, chairman of the Senate's committee on homeland security, said: "I call on any other company or organization that is hosting Wikileaks to immediately terminate its relationship with them. Wikileaks' illegal, outrageous, and reckless acts have compromised our national security and put lives at risk around the world. No responsible company - whether American or foreign - should assist Wikileaks in its efforts to disseminate these stolen materials." The French minister of industry, Eric Besson, similarly warned that there would be "consequences for any companies or organisations helping to keep WikiLeaks online in the country."
Speaking before he was remanded in custody, Assange said the corporate actions against WikiLeaks amounted to the "privatisation of state censorship." "These attacks will not stop our mission, but should be setting off alarm bells about the rule of law in the US," he added. Assange was initially refused bail, despite massive sureties put forward, but has since been released on bail.
The first company to distance itself from Wikileaks was Tableau Software, which provided it with free software for data visualisation, by removing visuals published by WikiLeaks to Tableau Public based on the diplomatic cables. The company has admitted the reason was pressure from Senator Lieberman.
On the same day, online retailer Amazon removed Wikileaks' content from its EC2 cloud service. WikiLeaks had had to move its site from its servers in Sweden to Amazon servers in the US (was there no better alternative?). After being shut out by Amazon, WikiLeaks found a refuge for part of its content at OVH, a small web hosting company based in northern Franc. French industry minister Eric Besson has vowed, however, to find ways to ban hosting of the site. Many countries, including Thailand and China, had blocked access to cablegate.wikileaks.org. On 5th September, the OVH server hosting the diplomatic cables went offline, so Swedish company Pirate Party took over the hosting.
Amazon soon came under a coordinated Distributed Denial of Service (DDoS) attacks, which involve flooding a website with a large number of hits so it stops working. The company admitted "there were indeed large-scale DDOS attacks" but claimed they were "successfully defended against."
Amazon insists its action was not due to political pressure or the DDoS attacks on its website, but because WikiLeak did not "own or otherwise control all the rights to this classified content" and that the leaked documents could be "putting innocent people in jeopardy." (Who's that, diplomats?) Ironically, Amazon has been selling a Kindle version of the Wikileaks diplomatic cables.
The next day, American domain name provider EveryDNS dropped WikiLeaks from its entries, saying the hacking attacks against WikiLeaks would "threaten the stability of the EveryDNS.net infrastructure." This, it claimed, was against its Acceptable Use Policy. (Really? Is porn more acceptable use, then?).
DNS (Domain Name System) is the protocol used to translate friendly names on the Internet (wikileaks.org) to their numeric IP addresses (http://18.104.22.168). This means that Wikileaks still continued to own the domain 'wikileaks.org' but it was no longer accessible through that name on the Internet. So Wikileaks shifted to a backup domain (wikileaks.ch) registered in Switzerland but hosted in Sweden, though the cables were partly hosted by OVH. The Swiss registrar for wikileaks.ch has declined pressure from US and French authorities to remove the site or block access to it.
On 4th September, e-commerce provider PayPal, which is owned by US auction site eBay, announced it had "permanently restricted" the account used by WikiLeaks to collect donations due to a "violation of the PayPal Acceptable Use Policy." PayPal later admitted it had been "advised" by the US State Department that WikiLeaks' activities were "illegal." The State Department letter had, in fact, said that the leaking rather than the publication of the documents was illegal. "As long as Wikileaks holds such material, the violation of the law is ongoing," it added.
Thus, PayPal was declared as the next target of Operation Payback, with DDoS attacks reported more than once.
MasterCard and Visa
On 5th December, credit card company MasterCard pulled the plug on WikiLeaks, restricting the ability to make payments to its bank account using the company's credit cards. A MasterCard spokesman said the company suspended dealings with WikiLeaks because "MasterCard rules prohibit customers from directly or indirectly engaging in or facilitating any action that is illegal." There has, of course, been no court ruling that WikiLeaks activities are illegal, only politically charged statements by US government officials.
The Anonymous hactivists retaliated by launching a DDoS attack on MasterCard's website, causing it to crash. MasterCard initially claimed the attack was no more than "heavy traffic on its external corporate website," but was later forced to admit it had experienced "a service disruption to the MasterCard directory server," which banking experts said meant disruption throughout its global business.
Visa Europe followed suite the following day and suspended payments to WikiLeaks for an initial period of one week. Its website too was inaccessible for a while.
WikiLeaks' payment processor, DataCell, has said it was preparing to take legal action against the credit card companies over their refusal to process donations. CEO Andreas Fink said in a statement: "If large companies such as Visa or Mastercard, who hold the duopoly of the credit card transactions world wide, think they have to put priority on political influence over the law, they have to be ready to take damage claims in the billions of Euros and they have to be ready to lose a big chunk of their business. This might be very well the end of the credit card business worldwide."
Interestingly, one of the cables leaked by WikiLeaks, dated 1 February 2010, disclosed that the Obama administration had lobbied senior Russian government officials on behalf of the credit card firms against a plan by a consortium of state-owned banks to collect processing fees estimated at £2.5bn a year. It is also worth mentioning that both credit card companies allow payments to many illegal groups, such as splinters of far-right organisations Ku Klux Klan (see here).
On 6th December, PostFinance, the financial arm of the Swiss postal service, closed the account of Julian Assange, which contained his £26,000 legal defence fund. The excuse given by the bank was that Assange had provided "false information regarding his place of residence when opening the account." Assange had apparently told PostFinance he lived in Geneva but could not provide a proof that he was a Swiss resident. However, the Swiss Federal Court ruled on 22 July, 2010, that PostFinance was obliged to offer all interested parties an account for payment transactions and to continue any existing accounts as part of its basic service mandate (obligation to contract). Termination of an account relationship (or refusal to enter into such a relationship) is, therefore, only possible for "compelling reasons." PostFinance claims that this gives it "the option of terminating business relationships which run contrary to public and moral opinion."
DDoS attacks were mounted against the bank's website, forcing it to shut down for a whole day.
Twitter and Facebook
Social networking websites, such as Twitter and Facebook, have been buzzing with messages about WikiLeaks and calls for cyber attacks against the corporate censors. On 8th December, Facebook closed down the page of 'Anonymous'. Not long after that, Twitter suspended the account of 'Anon_Operation' after it apparently tweeted a link to hacked MasterCard numbers. The account had around 22,000 followers at the time. A new account, 'Anon_Operationn', soon reappeared offering links to the Internet Relay Chat rooms, where members of Anonymous have apparently been organising. Bloggers initially warned Twitter that it "will be next for censoring #Wikileaks discussion," but in a further post on #Anonops said: "We are not hacking Twitter... DON'T WORRY!... All we are saying that they closed our official account and that is not FREE SPEECH!" Twitter is also accused of preventing the term 'WikiLeaks' from appearing on the microblogging site's 'popular trending' topics.
The Swedish lawyers
Hactivists have also struck against the website of the Swedish lawyer representing the two Swedish women who are accusing Assange of having non-consensual and unprotected sex with them, charges that he denies. Claes Borgström reported the hacking to police, saying the allegations were not a politically motivated plot against Assange. "It has nothing to do with WikiLeaks or the CIA," he added.
The charges against Assange were dropped last August within 24 hours by the chief prosecutor, who found there was "no reason to suspect that he had committed rape." Assange's identity was unlawfully disclosed to right-wing media by the Swedish authorities and the 'rape' story was carried around the world. The decision to withdraw the charges against Assange was overturned after the intervention of Borgström, who is now representing the two women. Borgström is a Social Democratic politician and had worked the Swedish government for several years, between 2000 and 2007.
Other websites that have been targeted by Operation Payback so far include:
- The Swedish Prosecution Authority's website, which was taken offline for almost 11 hours on 14th September, moments after it announced its intention to fight a London court decision to grant Assange bail. The Swedish government's official website had also been targeted.
- The website of American right-wing politician Sarah Palin, who called Assange "an anti-American operative with blood on his hands." Hackers have also reportedly hacked into her personal email account and posted screen shots of her emails on WikiLeaks. However, observers have warned that such stories might be exaggerated in order to paint Anonymous as a "bunch of cyber criminals."
- The blog of Panda Labs, a computer security company that has been involved with investigations and analysis of the Anonymous attacks. Other security firms that have been scaremongering about Anonymous and linking it to cyber crime include Sophos and Spamhaus (see here).
- There are conflicting reports that Anonymous hactivists are preparing DDoS attacks against the UK government if Assange is extradited to Sweden, and there have been calls to attacks on Dutch websites after a 16-year-old suspected of involvement in the previous attacks was arrested. Two other 'hackers' have also been arrested as authorities crack down on Anonymous.
Cyber war or virtual sit-in?
In a blog linked to its Twitter account, Anonymous wrote at the beginning of Operation Payback:
"Hello World. We are Anonymous. What you do or do not know about us is irrelevant. We have decided to write to you, the media, and all citizens of the free world at large to inform you of the message, our intentions, potential targets, and our ongoing peaceful campaign for freedom.
"The internet is the last bastion of freedom in this evolving technical world. The internet is capable of connecting us all.
"When we are connected we are strong. When we are strong we have power. When we have power we are able to do the impossible. This is why the government is moving on WikiLeaks. This is what they fear. They fear our power when we unite. Do not forget this.
"Anonymous is doing what many successful campaigns have done in the past; a sit-in. It may be hard to comprehend, but a digital sit-in is our most effective method to show that all of us deserve freedom of speech and a free internet.
"Our methods may appear, on the outside, to be cruel to those the entities that we are campaigning against, but remember [that] by supporting censorship they are denying everyone a basic human right."
More recently, media reports have claimed that there is growing disagreement between members of Anonymous, so to speak, as to "where to go from here." A message posted on the 4chan image board suggested dropping the DDoS attacks in favour of publicising information in the diplomatic cables that Wikileaks is releasing. "Searching for the less-well publicised cables and spreading the information they contain around the web could be more effective than simply knocking out sites deemed to be enemies of Wikileaks," it said.
It should be noted that protests in support of WikiLeaks and its founder have not all been virtual. Supporters gathered outside Westminster Magistrates Court in London for Assange's bail hearing on 7th December, and again on the 14th. Protests have also been held at the Swedish and Australian embassies (see here). In Australia, mass demonstrations and rallies have taken place in Sydney, Melbourne, Perth and other cities across the country (see here).
A long-term anti-corporate campaigner, who also prefers to keep anonymous, maintains that successful anti-corporate campaigns must use a diversity of tactics. "It's all very well to take down a company's website, but that's more like a stunt than a serious disruption of its business. If these people are serious about making these companies pay back, they should start thinking about boycott campaigns, direct action, mass protests and so on."