Image: Mastercard.com website
AP
This screen shot taken Monday, Dec. 13, 2010, shows the Mastercard.com, Inc. USA website, home page. As WikiLeaks struggled to stay online, a small army of pro-WikiLeaks hackers took down Visa's and MasterCard's websites and slowed PayPal's. The Internet drama precipitated by WikiLeaks' release of U.S. diplomatic cables has been called the first global cyberwar.
By
updated 12/13/2010 4:35:54 PM ET 2010-12-13T21:35:54

The Internet drama precipitated by WikiLeaks' release of classified U.S. diplomatic cables has been called the first "global cyberwar." But at closer look it's really more of an amateur brawl.

Although big businesses such as Mastercard and Visa were ensnared, the so-called "Hacktivists" didn't do serious harm. And while one of the "big boys" of the Internet — Amazon.com — was an obvious target after it snubbed WikiLeaks, the hackers held off, fearing Amazon was too difficult to get.

Meanwhile, WikiLeaks revealed itself to be less than sophisticated when it came to maintaining an online presence.

  1. Most popular

The secrets-spreading site was caught flatfooted when attacks and legitimate traffic overwhelmed it on Nov. 28, the day it started releasing the cables.

It reacted by moving the website from a Swedish base to Amazon.com's hosting facility. Because Amazon is self-service, WikiLeaks didn't need any pre-established relationship with the company. Amazon has ample capacity and can withstand hacker attacks.

But there was a major downside: Moving the site to the U.S., where the cables originated, exposed it to political pressure.

Congressional staffers called Amazon.com Inc. on Nov. 30 to ask about its relationship with WikiLeaks. The next day, the company shut down the WikiLeaks site for distributing documents it didn't own. That sent WikiLeaks scrambling to re-establish its Web presence in Europe.

It took WikiLeaks nearly a week to regain a stable online presence, using techniques it could have deployed well in advance of releasing the cables, such as hosting the site through multiple vendors and having excess capacity to handle heavy traffic.

Related story from Red Tape: WikiLeaks vigilante war spills onto Web

A WikiLeaks defector says he's setting up a rival site. With its founder in jail and a poor track record when it comes to staying online, WikiLeaks may eventually be remembered as the pioneer of secrets-busting.

"Whatever happens to the domain name and the actual organization, the idea unleashed by WikiLeaks is going to continue," said Joshua Benton, director of the Nieman Journalism Lab.

  1. More security news from MSNBC Tech & Science
    1. Gizmodo
      How crooks fake an ATM and steal your money

      There's no dearth of sophisticated gear for the aspirational ATM thief. But skimmers don't exactly have an aisle at Wal-Mart. Gizmodo takes a look at the scary Internet black market where fraudsters get their tools — or get swindled themselves.

    2. Man pleads not guilty to running vast spam network
    3. Charles Manson had cell phone under mattress
    4. NYT: China hacked Google, leaked cables say

So what are the lessons learned?

— Legal and governmental pressure was far more effective on WikiLeaks than cyberattacks were. If WikiLeaks could have remained at Amazon, it would have shrugged off any Internet-based attacks.

But it was ousted after U.S. government inquiries. Visa, MasterCard and PayPal cut off the flow of donations to WikiLeaks because of legal concerns. WikiLeaks founder Julian Assange is in a British jail because of legal action — sexual assault allegations brought in Sweden.

— As a means of reaching the public, websites are less important than before. Secondary channels, including Twitter and Facebook, are growing in effectiveness.

All through the cyberbrawl, WikiLeaks' Twitter feed has provided a direct link to the public. Pro-WikiLeaks hackers used Twitter and Facebook to recruit participants in their attacks, though both venues shut them down after a while.

— And, while losing the "wikileaks.org" Web address on Dec. 2 was a serious blow because the site had few backup plans, overall, Web addresses are less important than before.

Googling "WikiLeaks" brings up the site's numerical address, a direct way of reaching a website when typing the domain name in the browser's address bar doesn't work. The Web address is vulnerable to both legal intervention and hackers, but once a site reaches a certain stature, it is no longer crucial.

Despite the hype surrounding WikiLeaks, there have been more serious attacks that might qualify for the "cyberwar" label. When Russian hackers attacked the former Soviet state of Estonia in 2007, they caused serious problems for the tiny country for weeks. They struck again when Russia invaded Georgia the following year, forcing the Georgian president to move his website to the U.S.

When pro-WikiLeaks hackers struck against companies that had cut their ties to WikiLeaks, they managed to take down the websites of MasterCard and Visa — big names, but not big websites.

MasterCard and Visa spend their money on their electronic payment systems, not their websites. You can't buy anything on their sites or sign up for a credit card. You can't even check your account balances. Credit card processing didn't stop just because the sites were attacked.

In chat rooms run by Anonymous, a hacker group that came to WikiLeaks' defense, the suggestion to attack Amazon came up repeatedly, but was shot down. The more savvy hackers knew they didn't have the clout to attack a real Web business.

Amazon sites in Britain, France, Germany and other countries went offline for about a half-hour late Sunday, but Amazon blamed a hardware failure rather than attack.

Anonymous may be growing in clout, but it has still succeeded in only minor mischief. Previously, the group has taken on such sites as the Church of Scientology and Kiss bassist Gene Simmons. Tackling Visa and MasterCard was a step up, but to gain enough participants to make a dent, Anonymous had to open up its normally secretive Web chat channels, exposing the group to the eye of law enforcement.

Most Internet-based attacks use "botnets," swarms of hijacked PCs around the world that, unbeknownst to their owners, can be harnessed remotely. Anonymous took a higher road with "Operation Payback." Instead of hijacking computers, the group distributed a program that users could install to add their PCs to the attack.

The tool Anonymous distributed to launch the attacks, fancifully called "Low Orbit Ion Cannon" after a feature of a computer game, is ostensibly designed as a tool for testing website security, not as a secretive weapon.

The flood of data packets it sends can be traced back to their source, and last week Dutch police arrested a 16-year-old suspected of taking part in the attacks.

As a hacker, it's easier to squelch free speech than it is to promote it. Anonymous brought down several sites, but wasn't able to do much to bolster WikiLeaks' Web presence. Hackers briefly shut down the website of Sarah Palin's political action committee, prompting her to say it was retaliation for exercising her speech rights.

On Friday, "Operation Payback" participants in the chat room were casting about for new attack targets, but couldn't come up with a better one than MasterCard, which they had already hit.

Copyright 2010 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Discuss:

Discussion comments

,

Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments