Now we have something new: a group called AntiLeaks has popped up and managed to drop a 10GB/s + DDoS attack on WikiLeaks, its affiliate sites and mirrors. This is pretty spectacular when you think about it. The group claims to be a group of “young adults, citizens of the United States of America and are deeply concerned about the recent developments with Julian Assange and his attempt at asylum in Ecuador”, but their tactics and capabilities seem to indicate something more is going on here.
For starters, the timing is very interesting, as WikiLeaks had just released some very embarrassing documents that were taken from Stratfor earlier. The size of the original email and document dump was impressive, and as of this writing only a small portion has been released to the public. In this round of documents is a new monitoring system called Trapwire, developed by former CIA employees (as part of the Abraxis Corporation). This system was set up to monitor patterns to help predict threats; in fact, Richard Helms, CEO of Abraxis, was once quoted as saying, “It can collect information about people and vehicles that is more accurate than facial recognition, draw patterns, and do threat assessments of areas that may be under observation from terrorists.”
Some of the leaked emails indicate that Trapwire has extended beyond its original scope of threat prediction and mitigation into more intrusive areas. This is the type of information that Stratfor, the US Government and of course Abraxis would not want to be public. Some of the data the system is collecting could actually be in violation of privacy laws (as well as potentially violating a few other surveillance laws). You can imagine that, with the connection Abraxis has to Stratfor and the US Government, there would be some high-level interest in keeping these emails from the public eye. Again, this would seem to put the attacks outside the realm of “young adults” and more into the state- or corporate-sponsored arena.
We thought about some of the recent technologies used to attack torrent swarms that have popped up in the US and also in Russia; these giant networks could be co-opted to do this kind of work without too much trouble. Although there is no confirmation of any company attacking torrent swarms with official sponsorship outside of the one company, PiratePay in Russia (sponsored by Microsoft), we do have confirmation from the Computer Emergency Readiness Team (CERT) in Poland about large-scale attacks on torrent swarms. Some of these attacks originated from large networks in the US, which would seem to show that there is at least one company working with copyright holders to attack torrent swarms with a sophisticated form of DDoS.
Although this is still speculation, we are fairly certain that the attacks on WikiLeaks are not the work of young adults from the US who are feeling patriotic. This actually seems a little too dramatic for kids anyhow. In our dealings with hackers in the past, they have tended to be very upfront, taunting and less than polite. They also rarely use language like “Assange is the head of a new breed of terrorist”; to be honest, that sounds like the intro for a bad TV movie. This also helps to point back to the possibility that someone is borrowing assets originally intended to thwart movie piracy. Who knows, maybe the US Government is borrowing assets from Hollywood; after all, they did go after Megaupload for them.
Regardless of who is behind this, they have raised the eyebrows and the ire of Anonymous, who could be mounting their own Op to stop the DDoS attacks directed at WikiLeaks. Things are most certainly going to get very ugly, as we could see a botnet-on-botnet war break out as the two sides seek to counter each other. We will be very interested to see if Anonymous pulls off another dox with information about the attacks on WikiLeaks, including who and what is behind them. If it turns out to be a Hollywood asset working on behalf of the US Government, it will only add to their embarrassment.