WikiLeaks: Fantasy Hacker Cyberworld of Good and Evil

What does the future of political protest look like in a highly digitalized world? We’re watching it unfold in real time through WikiLeaks’ Cablegate.

The day the cables were slated for release in major newspapers around the world, a so-called “political hacker” took down the WikiLeaks site with a distributed denial-of-service (DDoS) attack. He later wrote on Twitter that he went after the site for “attempting to endanger the lives of our troops and other assets.”

WikiLeaks moved the site from its Swedish webhost to Amazon.com-owned Elastic Cloud Computing (EC2) in Ireland. After U.S. Senator Joseph Lieberman contacted Amazon about hosting the site, Amazon discontinued service to WikiLeaks, citing terms of use.

Then the free-for-all began. Hackers got involved again, this time on WikiLeaks’ behalf, targeting Amazon. When PayPal froze payments to WikiLeaks, the hacking group Anonymous, which organized the Amazon attacks, focused on bringing down the online pay site. When MasterCard announced it would stop transactions on WikiLeaks’ behalf, MasterCard.com was attacked.

[Related Article: How to Spot, and Avoid, Internet Scammers]

Since then Visa.com has been hit with a DDoS attack, as has the website for the Swedish prosecutor and the lawyer representing the two women who have brought sexual misconduct charges against WikiLeaks founder Julian Assange. As the story progresses, I’m sure we’ll see more sites, for and against WikiLeaks, suffer hacker wrath.

This isn’t the first example of a DDoS domino effect, but it’s certainly the highest profile. We’re sure to see more stories like this. With the success of movies like The Girl with the Dragon Tattoo, in which hacking against evil government and corporate forces is elevated to a new kind of heroism, we’re bound to see more. The mythology is already forming: a new type of cyberwarfare engaged in the never-ending battle of good and evil.

[Featured Product: Identity Theft Protection]

Yet with all this hoopla, we can’t lose sight of the lesson. The data breach that started it all, like so many others that don’t grab headlines, stemmed from poor information-access policies. Politics and protests aside, security professionals need to understand the risk of large systems in which information is shared across separate organizations. The tale of the Army private with access to high-level State Department information should force us not just to comment on the story, or wage protest online, but to ask the basic questions of computer security: Who has access to your information? And have they been vetted?

Image by Adobe of Chaos, via Flickr