Community

General discussion

Locked

Wikileaks and DDoS attacks - some thoughts

By Deadly Ernest ·
I was just reading a CNET article about Wikileaks and it mentions some recent DDoS attacks against Wikileaks. This got me thinking.

Most DDoS attacks are organised by bad guys to cause trouble for companies for financial gain or by hackers who are picking on particular companies that upset them. The only people Wikileaks have upset lately are certain US government bureaucrats and politicians due to them making available documents leaked to them from within the US bureaucracy. It seems the US government can't stop their people doing the leaking, hmm a good story back there somewhere, so they're trying to stop them being made public by a non US citizen on a non US web site.

Now, all of a sudden, Wikileaks is being hit with DDoS attacks. It does make me wonder who is organising them as Wikileaks is NOT the sort of organisation the usual organisers of DDoS attacks will hit. The circumstances makes me wonder if this is a black CIA operation or something similar organised by a US government Agency. If that is so, it then raises the question of this being the first one they've done, or not.

I don't know any answers to these issues, but sure would like to know.

On a related issue, I do find it interesting that certain people in the US power structure aren't upset about the dirty linen these cables represent, but are upset that their dirty linen is being made public. In short, doing bad things is OK as long as they don't get caught and they seek to punish those who publicise the nasty work and not those who did the dirty deeds.

What are your thoughts?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Just a few points in response

by Deadly Ernest In reply to Assisting a known felon

1. The leaker is NOT a felon until such time as they're identified, charged, tried, and convicted. Then those who assisted in the felony can be charged with assisting.

2. People can only be charged with crimes that they committed within the jurisdiction of the court being charged in. The Wikileaks server is outside the USA so USA courts have no legal jurisdiction, but that won't stop them trying.

3. Leaks of this sort have happened in the past and been publicised by the US media with the assistance and approval of the US government. However, in those cases it was not the senior US diplomats who were embarrassed by having their dirty laundry made public, so they approved the actions.

4. The US government is way out of order to put pressure on other governments or any business to act against Wikileaks to stop this or get some revenge for it.

Collapse -

DE, dirty deeds undisclosed dirty cheap.

by CharlieSpencer In reply to Wikileaks and DDoS attack ...

"I do find it interesting that certain people in the US power structure aren't upset about the dirty linen these cables represent, but are upset that their dirty linen is being made public. In short, doing bad things is OK as long as they don't get caught and they seek to punish those who publicise the nasty work and not those who did the dirty deeds."

Agreed. That's what I found so upsetting about the whole 'CIA torture' and 'Abu Ghraib prison' issues. More people were concerned about our questionable actions being disclosed than about our potential human rights or Geneva convention violations. There was much talk about how disclosing these behaviors was a threat to our national security, far more than there was talk regarding the threat of the behaviors themselves.

Nothing in the previous paragraph should be construed as an opinion on the topic of Wikileaks.

Collapse -

Yeah, it's a very common thread now - they get upset

by Deadly Ernest In reply to DE, dirty deeds undisclos ...

about the disclosure or about getting caught, not about what was done that was wrong.

Collapse -

How wrong can that be

by AnsuGisalas In reply to DE, dirty deeds undisclos ...

when the government of one billion+ chinese feels the same way

Collapse -

I am surprised

by santeewelding In reply to Wikileaks and DDoS attack ...

More than surprised, that not more of this -- a whole, great-big more of this -- is not all over TR.

What are you people -- reticent? Withdrawn until you think you know more? Confused? Scurrying to your burrows?

Enough has been done, with still more coming.

Speak up.

Collapse -

I was wondering the same...

by AnsuGisalas In reply to I am surprised

And now they think the "cyberwar" is spreading.
And, by the way, this "jester" is a convenient fellow, is he not?
And did anybody buy it, when Estonian infrastructure was being attacked by "activists with no connection to the kremlin", over the moving of a statue to a memorial park?

Collapse -

Red Face Syndrome

by The 'G-Man.' In reply to I am surprised

That such a leak can come from the US. I mean this is the biggest IT related security breech in history we are reading about. That must cause a warm glow and shows the state of US security in a very bad light.

Collapse -

But, to be fair, it's not really a 'IT security' breach

by robo_dev In reply to Red Face Syndrome

If an individual has access to classified data, and he gives it to somebody else, that's really not a 'breach', it's an unauthorized disclosure.

And further, Manning leaving a secured area with a DVD of data is more of a a physical security breach. The guard who does the inspection when you leave a classified area does not review the contents of every disk, he relies on the individual to be truthful about it.

In this case no systems were hacked into, no passwords were stolen, and no encryption was broken. It was not a security breach, it was a case of disclosure and data theft.

A long time ago, I did PC support on classified computer systems. In my tool bag were lots of diskettes: DOS boot disks, Windows disks, Compaq Diag disks, etc. On each disk was a label, that I had to sign, which was a certification that it contained no classified data. The guard did not read the data on any diskette, ever. As long as they were labeled, they would pass. Since I had a security clearance, he went on the assumption that I was not lying.

This is a shining example of the most difficult security issue in IT: the insider threat. You can build the most secure system on the planet, but if a untrustworthy person has the keys to the kingdom, it's all for naught.

I am assuming that the bulk of the Wiki material was the data that Bradley Manning copied to DVD.

I contend that it's not really possible to build a security control strong enough to prevent a motivated person from disclosing information he or she has access to.

In this case, it's very true that if Manning did not have write-access to a DVD drive would have helped.

But what if Manning had simply made copies or took photographs of secret documents? Sure, it would have taken longer, but the advantage of working in a secret environment is that nobody really knows exactly what you're doing, which can allow people to do all sorts of things.

That would be no different and no less damaging, and not considered to be IT related.

The 'failure' is that Manning's commanding officers trusted him, not that security controls were lacking.

If somehow Manning could not get the DVD burner to work, he could have discovered other methods to get the data from the protected system.

Collapse -

The difference...

by AnsuGisalas In reply to But, to be fair, it's not ...

"But what if Manning had simply made copies or took photographs of secret documents? Sure, it would have taken longer, but the advantage of working in a secret environment is that nobody really knows exactly what you're doing, which can allow people to do all sorts of things"

- Man, that Manning sure is taking a lot of photocopies...
- Man, that Manning is fiddling constantly with some small item above that pile of papers as he leafs through them...

Vs.

-Man, that Manning is dozing at his desk while his computer is running maintenance again.

Which one of those three is least likely to cause a question about what Manning is carrying out with him?

Collapse -

Supposedly

by AnsuGisalas In reply to Wikileaks and DDoS attack ...

"the jester"...
Supposedly a vigilante who claims to have taken on terrorist sites... and who thinks that wikileaks is a danger to US soldiers abroad.

Especially, apparently, US soldiers working with corrupt foreign governments.

Related Discussions

Related Forums