SECUrITY aGEnCE FranCE-PrEssE

Supporters of Wikileaks founder “Hacktivists” Strike Back wear Guy Fawkes masks Cyber attacks on financial institutions serve as they demonstrate against his arrest in as a warning sign Amsterdam in December 2010. The “Hacktivist” in december 2010, the websites of international financial services gi- group “” has ants Visa, Mastercard and PayPal were temporarily shut down, victims adopted the Guy Fawkes of a coordinated cyber attack dubbed by its per- image as its public face. petrators. “Hacktivists” who support and its founder Julian assange attacked after the companies terminated service and disabled donations to the website. The economic impact of the attack remains unclear and the tar- geted companies denied suffering consequential losses. but the attackers, using the names “anon” and “anonymous,” demonstrated the ability of cyber attacks to infiltrate and damage businesses and government agencies.

A modern form of protest , the online retailer that hosted Anonymous didn’t protest by chanting slogans Wikileaks on its servers, was the first to pull out. or waving signs — it struck against Wikileaks’ Visa, MasterCard and PayPal soon followed, perceived enemies in the spirit of the virtual essentially crippling Wikileaks’ ability to accept world they share. Wikileaks, whose raison d'être is donations that support publishing efforts. The exposing classified or confidential government cyber attacks started soon after. or corporate information, is under pressure When Anonymous staged its attack in the vir- from the United States and other governments tual world, it used a favorite weapon of the cyber after leaking more than 250,000 U.S. State De- warrior — distributed denial of service attacks. partment diplomatic cables in November 2010. DOS attacks work by flooding a targeted com- The U.S. accuses Wikileaks of endangering lives puter system with incoming messages, denying by revealing unlawfully obtained secret govern- service to legitimate users. A typical DOS attack ment information and requested that companies uses thousands of “compromised” computers, cut ties with the website, as reported in the usually surreptitiously infected with malicious Independent. programs, or , allowing a master con-

58 perConcordiam troller to direct the computers remotely. These transfer service reported that its blog went networks, or , are widely used by orga- offline, but that transactions continued, though nized crime. Cyber gangsters have used DDOS more slowly than usual. to extort “protection” money from businesses in Other attacks were more successful. News re- the same way traditional gangsters extort busi- ports indicated that Swiss bank PostFinance suf- nesses in person. fered disruptions for 10 hours Operation Payback hack- and the website of the Swedish tivists created a voluntary prosecutors handling Assange’s “Consumers . They recruited people sexual assault case was taken from within their network and taxpayers down for several hours. and asked them to download may not realize Anonymous aimed high malware, avoiding the need with its attacks on Visa, Mas- it, but beneath to infect strangers’ comput- terCard, PayPal and Amazon. ers, Noa Bar Yossef, a secu- the surface, the Visa and MasterCard are the rity strategist at data security rising threat of two largest consumer payment company Imperva, told PC systems in the world, report- cyber attacks, World. Hacktivists used sites ing 2010 revenues of $8 billion such as to plan attacks computer viruses and $5.5 billion, respectively. and communicate and coor- and identity PayPal, a subsidiary of online dinate their efforts, according auctioneer eBay, announced fraud is costing to technology magazine Fast revenue of almost $2.8 billion Company. them billions.” in 2010. There is nothing to Ironically, Wikileaks itself indicate that the DDOS attacks was hit with a DDOS attack. — Henry Truc, personal caused significant financial finance writer for “,” who calls himself damage to the targeted compa- GoBankingRates.com a “hacktivist for good,” at- nies, amounting to little more tacked Wikileaks in November than virtual graffiti on the 2010, shutting the site down online bank “lobbies.” briefly before hundreds of thousands of classi- fied diplomatic cables were posted. According to The aftermath a CNN story, “The Jester” has attacked websites After the attacks by Wikileaks supporters, law involved in “online incitement to cause young enforcement officials arrested several people. Muslims to carry out acts of violent Jihad.” He Five hacktivists from Anonymous were arrested told CNN he is against Wikileaks “for attempt- in England in January 2011, although police ing to endanger the lives of our troops, other there declined to confirm their involvement. assets and foreign relations.” Additionally, two teenage were arrested in the in December 2010. As of How effective were hacktivists? early 2011, police in Europe and North America According to the BBC, the websites targeted by continued to issue arrest warrants for suspects Anonymous experienced service disruptions, associated with the unlawful cyber attacks. but the attacks on credit card companies left Though these recent attacks were largely transaction processing capabilities unaffected. unsucessful, they focused attention on the MasterCard acknowledged it experienced a “ser- potential for criminals and terrorists to create vice interruption” in some Web-based services, large-scale financial havoc and expose confi- but neither its core processing capabilities nor dential credit data to the world. British officials its cardholder account data were compromised. estimate that attacks and viruses cost Ted Carr, spokesman for Visa, told the BBC that the world economy about $86 billion annually, a the network handling cardholder transactions cost ultimately borne by consumers and taxpay- continued normal operations. Anonymous origi- ers. Securing financial institutions and other nally announced an attack on Amazon, but later critical civilian infrastructure will clearly remain shifted its target to PayPal. The online money a costly challenge. o

perConcordiam 59