WikiWars: The face of future conflicts
Attacks, and government's own unconventional strategy, could be the first real cyber war
We appear to be in the middle of the first real cyberwar. And like so much on the Internet, it has evolved in ways that weren't expected.
The war against the controversial, anti-secrecy WikiLeaks is being fought not with conventional weapons such as worms, Trojans or even targeted malware such as Stuxnet. It is a guerrilla war — and this time the U.S. government is playing the role of the insurgent. The objective is not the short-term takedown of WikiLeaks but a strategic denial of services to future online leakers, and WikiLeaks supporters are playing into their hands.
The WikiWars are exploiting an inherent weakness of a free, unregulated Internet: the need for service providers to make money.
WikiLeaks first incurred U.S. wrath with the publication this summer of a cache of low-level intelligence observations from Iraq and Afghanistan. The more recent release of thousands of classified diplomatic cables has ratcheted things up several notches.
A spate of conventional denial-of-service attacks were launched against the site, but were easily brushed off. But then Sen. Joseph Lieberman (I-Conn.), chairman of the Homeland Security and Governmental Affairs Committee, launched his own denial-of-service attack in the form of a letter from his staff to Amazon, which was hosting the WikiLeaks website. Amazon soon announced it was no longer hosting the site.
Amazon said it was because WikiLeaks broke its rules and not because the senator made any demands, threats or promises. But Rep. Peter King, (R-N.Y.) the incoming chairman of the House Homeland Security Committee for the 112th Congress, was explicit in a statement praising Amazon’s decision.
WikiLeaks impels White house to order classified data security review
Cyber Command still struggling to define cyberwar
“This situation should serve as an example for all private U.S. and international companies that conducting business with WikiLeaks is intolerable and against American interests,” he said.
WikiLeaks has lost its original Web address, and financial companies PayPal, MasterCard and Visa no longer are processing donations and payments to the organization.
This has not taken WikiLeaks off line. In fact, the Washington Post commented that “WikiLeaks now is stronger than ever.” Hacktivists have launched conventional denial-of-service attacks against companies that have repudiated WikiLeaks, using the online DOS tool Low Orbit Ion Cannon to flood target sites with TCP and UDP packets and HTTP requests.
But although the United States might like to prosecute founder Julian Assange, taking down WikiLeaks is not an important goal. The documents already are released, the horse is out of the barn, the cat is out of the bag. But these guerilla actions may well prevent the next wiki leak.
Taking up residence on the Internet is a low-cost proposition, with lots of options around the world. But an online presence depends on private-sector service providers who provide and control the infrastructure, and they are not likely to ignore the concerns of the U.S. government or the hassles of running afoul of hacktivists, on either side of the fight, who might want to shut them down.
“At the end of the day, these are businesses,” said Dean Turner of Symantec Intelligence Services, who has been observing the online attacks. “It costs them a lot of money when they are under attack like that.”
The next wiki leaker to come along will likely find it much more difficult to get and maintain the services it needs and to raise the money it needs from supporters. PayPal, Amazon and others might well say, “No thanks, we don’t need those hassles.” Not to mention inquiries from senators.
The big drawback to this strategy is that the next wiki leaker might not be an idealistic individual operating on a shoestring. A nation such as China could step in to support the effort — either out front or behind the scenes — ensuring a strong online presence and getting a double bang for its buck.
Not only would it be a terrific propaganda tool against other countries, but a sponsoring country could get first look at classified collections submitted for publication. Then the WikiWars would have to be ratcheted up yet another notch.