UWB Computing Technology and Public Policy: Topic-2 Wiki Post-1 Group-11

Hacktivism Attacks (2000 to present )
Operation Payback

Operation Payback has been without a doubt the longest and most widespread attack on anti-piracy groups, lawyers and lobbyists. From the personal computers of thousands of hackers around world the first shot of real cyber war were fired in December 2010 in defense of WikiLeaks. A group of Anonymous hackers attack dozens of anti-piracy groups, copyright lawyers and pro-copyright and financial banks under the flag of Operation Payback. At that time Anonymous explained, "Operation Payback is an ongoing campaign by Anonymous against major anti-piracy and anti-freedom entities. Visa, MasterCard and PayPal become targets by this hacktivist group because they suspended payments to Wikileaks.

WikiLeaks is a not-for-profit media organization. They bring secretive news and information to the public. They provide an innovative, secure and anonymous way for sources to leak information to our journalists. Organization which publishes secret information. In 2010 WikiLeaks released leaked confidential – but not top-secret classified cables that had been sent to the U.S. State Department by 274 of its consulates, embassies, and diplomatic missions around the world. Dated between December 1966 and February 2010, the cables contain diplomatic analysis from world leaders, and the diplomats' assessment of host countries and their officials, WikiLeaks, claimed this was the world's largest release of classified material with 251,287 cables consist of 261,276,536 words. This was known as The United States diplomatic cables leak, widely known as Cablegate. Because of this leaks USA government was bringing its full weight down on WikiLeaks, according to them WikiLeaks is operating illegally. They announced that state department should shut down all accounts, deposits and transfers to WikiLeaks.

With USA government pressure on December 2010 an arbitrary financial blockade has been imposed from Bank of America, VISA, MasterCard, PayPal on WikiLeaks .All the cardholders were banned to use their cards against the donations for WikiLeaks. This attack has destroyed 95% of WikiLeaks revenue in seven days. According to WikiLeaks this blockade was outside of any accountable, public process. It is without democratic oversight or transparency. The US government itself found that there were no lawful grounds to add WikiLeaks to a US financial blockade. Also they claimed that the suspension of payments towards WikiLeaks is a violation of the agreements with banking customers. After the Wikileaks website came under pressure from its leak of diplomatic cables, Anonymous announced it would support Wikileaks. But the blockade of WikiLeaks by politicized US finance companies continues regardless.

As a result of this financial blockade against Wikileaks, a group of online activists calling themselves "Anonymous" organised a series of denial-of-service attacks on the website of site of these banking institutes as experienced downtime around December 8–9, 2010. A distributed denial of service attack (DDoS) occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. This is the result of multiple compromised systems flooding the targeted system with traffic. When a server is overloaded with connections, new connections can no longer be accepted. After these attacks on the banks website Anonymous Via its Twitter account claimed responsibility for the denial of service attack, several twits were posted such as following

"TARGET: WWW.VISA.COM :: FIRE FIRE FIRE!!! WEAPONS http://bit.ly/e6iR3X ::: SET YOUR LOIC TO irc.anonops.net ::: #DDOS #PAYBACK #WIKILEAKS," Anonymous tweeted. Shortly after it posted a tweet that read, “IT’S DOWN! KEEP FIRING!!! #DDOS #PAYBACK #WIKILEAKS."

“We will fire at anything or anyone that tries to censor WikiLeaks, Including multibillion-dollar companies such as PayPal”

According to several news sites, security of thousands of credit cards was compromised during that attack due to a phishing-site set up by the attackers. However, MasterCard denied this, stating that "cardholder account data has not been placed at risk”. The nine day online attack during Christmas 2010 time on PayPal caused losses worth more than £3.5m.

How Operation Payback was carried out

To carry out this attack a piece of software named a "Low Orbit Ion Cannon" (LOIC) which was developed to help Internet security experts test the vulnerability of a website to these assaults, was used for the distributed denial of service attacks. The LOIC is readily and easily available for download on the Internet. Each targeted website was swamped by what would normally appear to be visitors, but a much more frequent rate. This traffic slows down a site, and if frequent and long enough, can cause a server to shut down. This flood of traffic is reported to be the reason the targeted sites of Operation Payback were taken down. The attacks are coordinated in the Internet Relay Chat (IRC) channel, a type of computer chat room and around 3,000 people were active on the Operation Payback channel at one stage. The cyber security Experts said that the Operation payback was an easy attack to launch. It doesn’t even cost much for them.

Legality

According to Anonymous, in their press release they claimed that “These attacks were not illegal; it was a peaceful way of protesting”. As this attack were carried out in many countries. But the legality here in this case depends upon the location as the attack was carried out in many countries and different countries have different laws.

In the US, denial-of-service attacks can considered a serious federal crime under the Computer Fraud and Abuse Act with penalties that include years of imprisonment. Many other countries have similar laws.

With such legislation at that time Daliah Saper, a principal with Saper Law Offices, proposed that it will be very difficult for enforcement of this act as the hackers reside outside the United States, and hence International cooperation would be necessary to ensure the hackers are appropriately reprimanded." And with such international co-corporation. After the FBI investigation December 9th, the FBI authorities were able to reach IP addresses that were hosting Internet Relay Chat (IRC) sites for Operation Payback. Detectives investigating Anonymous found all the evidence they needed in IRC, In January 2013, after the two yea long court trials 3 main suspects of this Operation Christopher Weatherhead, Ashley Rhodes, Co-defendant Peter Gibson were sentenced jailed for 18months, 7 months and 6 months respectively in London.