The Lesson To Be Learnt From Anonymous

One thing the WikiLeaks-related distributed denial of service (DDoS) attacks have shown is just how fragile web presence can be. The fact that major sites like MasterCard and Visa can be blocked through concerted effort should be a warning, and a worry, for any other online sites owned by companies or governments.

The Anonymous Operations’ (AnonOps) attempts to punish those who take action against WikiLeaks have been successful and, so far, have evaded law enforcement agencies. This is no organised army of hackers fighting an online war but a loosely-organised team of guerrillas battling what it sees as a threat to liberty and freedom.

Economic and political damage limitation

The whole episode is an example of extremism gone unchecked – the Internet equivalent of Muslim Jihadists trying to cause social disruption with bombing attacks. Fortunately, the web equivalent has not, so far, cost any lives.

The WikiLeaks exploits are timely in that they have hit when governments appear to be waking up to the threat of virtual campaigns being waged to cause econo-political damage. If the UK government had already gone ahead with centralising its disparate domains and putting essential payment and public services online, how would it have fared if the Operation:Payback fanatics had turned their Low Orbit Ion Cannons – the DDoS weapon of choice – against the DirectGov site?

What if, in the future, a fanatical foreign government incites its citizens and overseas supporters to arm themselves for an attack on a foreign power? How would the Internet infrastructure cope?

The code of secrecy which Internet service providers (ISPs) guard so heavily is a double-edged sword. It protects the average citizen from snooping government departments but it also protects the DDoS guerrillas from prosecution. The web is not as anonymous as people believe and the key is the ISP traffic monitoring process.

“Participation in DDoS attacks is illegal in many countries and users accepting the invite by AnonOps are under a serious risk of litigation,” warned Vanja Svajcer, a principal virus researcher for Sophos Labs. “Many people believe that privacy on the Internet can be somewhat protected, but beware, the source IP addresses of attackers, which will inevitably end up in the target’s website log files, can easily be matched with users’ accounts if ISPs decide to co-operate with the law enforcement agencies.”
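Svajcer's point, that a flooding client's source address ends up in the target's web server log, can be seen from the defender's side with a short log analysis. This is an added example, not part of the original article; the log lines, the addresses (documentation ranges), the 10-second window and the threshold are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Start of a Common/Combined Log Format line: client IP, ident, user, [time], "request"
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)"')

def parse_line(line):
    """Return (ip, timestamp, request) or None for a line that is not in log format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, ts, request = m.groups()
    return ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), request

def peak_rates(lines, window_seconds=10):
    """Map each source IP to its highest request count in any sliding window.
    Assumes lines are in time order, as a web server writes them."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # per-IP timestamps still inside the window
    peak = defaultdict(int)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue              # skip malformed lines instead of failing
        ip, ts, _ = parsed
        q = recent[ip]
        q.append(ts)
        while ts - q[0] >= window:
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
    return dict(peak)

def flood_sources(lines, window_seconds=10, threshold=20):
    """Source IPs whose peak rate reaches the (assumed) threshold."""
    rates = peak_rates(lines, window_seconds)
    return sorted(ip for ip, n in rates.items() if n >= threshold)

# Constructed sample: one client sends 30 requests in 3 seconds, another browses normally.
FMT = '{ip} - - [01/Jan/2024:12:00:{s:02d} +0000] "GET / HTTP/1.1" 200 512'
SAMPLE_LOG = [FMT.format(ip="203.0.113.7", s=i // 10) for i in range(30)]
SAMPLE_LOG += [FMT.format(ip="198.51.100.23", s=s) for s in (0, 15, 30)]
SAMPLE_LOG.append("truncated or corrupt line")

if __name__ == "__main__":
    print(peak_rates(SAMPLE_LOG))
    print(flood_sources(SAMPLE_LOG))
```

A per-address rate like this only separates sources that connect directly; clients sharing a NAT or proxy address appear as one source.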

Snowflake on an iceberg

In Holland, there have been two arrests so far for DDoS attacks. The first may have been part of the AnonOps attacks but few details have been given. The second was, seemingly, a vigilante with a grudge against the Dutch legal system – who did not have the guile to hide his IP address.

Even if both were part of the international brigade of WikiLeaks’ supporters, they represent something less than a snowflake on the tip of a very big iceberg.

A weapon can often be a humble tool, such as a hammer, used for evil purposes and so it is with the Ion Cannon. It is advertised as a tool for conducting stress tests of web applications under heavy loads – heavy loading being what a DDoS attack actually is.

As such, it is freely available for download and extremely user-friendly to configure. Even a child could do it and, evidently, many do.

It would be difficult to rid the Internet of these tools so we have to learn to live with them.

According to Bob Tarzey, analyst and director at Quocirca: “MasterCard could learn from Visa here; for high-profile transactional sites, one protection against DDoS is multiple servers that make the total service harder to target.

“As for government, it will depend on the nature of the website. If it is transactional then government should heed the warnings of the last week; however, if it is more about content, reining things in makes sense and content distribution services, such as Akamai, can ensure widespread availability,” he added.

Business sites have two areas that need protecting. The most important is the core business network, which is increasingly linked to remote and home workers. These links can be sensibly protected using virtual private networks (VPNs). A traffic monitor can be positioned to reject unsanctioned connections and, in theory, a concerted DDoS attack would be an inconvenience rather than a disaster.

The Fragile Customer Interface

The other side of the business, the public-facing site, is a different proposition. There is no way to vet connections as easily because the whole concept is based on any potential customer gaining access. A vetting procedure is inapplicable here and advice depends on specific, often unique, corporate specifications.

“DDoS is not going to disappear; it has become, and will remain a weapon for all sides,” advises Tarzey. “The best thing an organisation worried about DDoS can do is to engage with experts that provide insurance and protection against it, such as the new service from London based www.Adversor.net.”

Adversor is one of a growing cloud of service providers. It aims to stop DDoS attacks from even reaching the targeted organisation’s network. The cyber-attack is engaged in its cloud by accurately pinpointing and eliminating the malicious traffic, the company claims. Legitimate traffic is allowed to pass “with no loss of trade or reputation”.

It is clear that there are solutions to the problem out there but it requires something like the WikiLeaks exploits to wake the world up to the devastation that DDoS attacks can bring. Only then, it appears, will someone open up their wallets and pay for the necessary insurance.

Eric Doyle, ChannelBiz

Eric is a veteran British tech journalist, currently editing ChannelBiz for NetMediaEurope, with expertise in security, the channel, and Britain's startup culture through his TechBritannia initiative.
