Wednesday, December 8, 2010

4CHAN/WIkileaks "Operation: Payback" & "Operation: Avenge Assange"

 The 4CHAN (aka Internet pranksters) “Anonymous” group have taken down multiple sites in retribution of the way Wikileaks has been treated by the media and affiliated organizations. They're calling their attacks "Operation: Payback" & "Operation: Avenge Assange". The following companies and people have had their websites knocked off-line:

·        Mastercard

·        Visa

·        Paypal

·        Joe Liebermans website

·        Sarah Palins website

·        Julian Assange’s Swedish prosecutor

·        PostFinance

These site have been taken down by the group “anonymous” by distributing a DDoS tool called Low Orbit Ion Cannon that allows the downloading computer to participate in a voluntary botnet aimed at these sites. In response the “Anonymous” site has been hit with a counter DDoS attack knocking their site off-line.

A DDoS (Distributed Denial of Service) attack uses multiple machines sending network traffic to a particular service or device in order to overwhelm it with requests, hence not making service available to the public.

A botnet is a group of machines running particular software under the originator (aka Bot herder) that can have the machines in the botnet perform certain commands on a very large scale. The average size of a botnet has around 20,000 computers under the control of the Bot herder.

The DDoS method has continually been used as a successful way to attack a site without the ability to trace it back to a particular person or group. This also allows a relatively easy way to stop a web presence without fear of legal action or responsibility of the attacker. It would be great to start seeing ISP’s take a more proactive stance against DDoS attacks.

DDoS attacks haven’t gone away and are still a constant threat by attackers. The 4CHAN group DDoS is a great example of hactivism, or the hacking or breaking into computer systems for a political or socially motivated purposes (right or wrong). This is also interesting because these attacks aren’t directed towards a particular political group, but rather against private companies that are affiliated with the political group. This is an interesting way of attacking an organization by attacking the services they use to do business.

No comments:

Post a Comment