Even as WikiLeaks continues to publish its thousands of leaked cables from U.S. diplomats the site is taking steps to stay online despite repeated cyber-attacks, canceled services and government action.
WikiLeaks keeps finding ways to stay online even as it
gets hit with repeated
denial-of-service
attacks aimed at keeping people from accessing the site and despite
decisions by technology and financial companies to terminate essential
services.
With each passing day it's getting harder to shut
WeakiLeaks down, according to technology experts. "The harder you hit
them, the bigger they get," wrote
James
Cowie, CTO at Internet monitoring firm
Renesys.
In the past 10 days since WikiLeaks began publishing
thousands of leaked U.S. diplomatic messages,
Amazon
has canceled its hosting service, everyDNS terminated its domain name
server services, and
PayPal,
PostFinance,
MasterCard
and Visa Europe have frozen its accounts.
WikiLeaks continues to be hit by
DOS
attacks to shut down the site, with the first attack hitting hours before
it published the first batch of diplomatic messages. Instead of relying on just
one domain name service provider, the site currently has 14 name servers from
11 different providers in eight different countries, including Switzerland,
Germany, Canada
and Malaysia,
listed in its WHOIS information.
WikiLeaks has a number of other top-level domains in case
WikiLeaks.ch gets knocked off line, including France,
Germany, the Netherlands,
Norway and Iceland.
The geo-diversification makes it very hard to take WikiLeaks down, wrote
Cowie.
Shortly after U.S.-based DNS provider
everyDNS
terminated service, easyDNS' CEO said
the company would be willing to work with WikiLeaks provided certain conditions
were met. As the company is based in Toronto,
easyDNS would not be subject to U.S.
laws "with respect to takedown requests," said Mark Jeftovic.
As of Dec. 8, WikiLeaks.ch listed two easyDNS name
servers. EasyDNS is also serving other WikiLeaks domains, according to
Jeftovic. Last week, WikiLeaks.nl listed Nevada-based Rollernut for DNS,
which has been replaced by EasyDNS.
The DNS for WikiLeaks is "confined" to the
Prolexic anycast name server, said Jeftovic. The four servers, deployed in "London,
Hong Kong and on the east and west coasts of North America," were selected
because Prolexic specializes in "soaking up DOS attacks" and they do
that "very well," he wrote. Even anticipating that WikiLeaks will be
attacked, easyDNS is "confident" that there will be "little
effect" on other customer domains or even on WikiLeaks, Jeftovic
said.
Now that WikiLeaks is "spreading in a multi-mirrored
fashion, it's really gone hydra now," he wrote. "There's no center of
gravity" for attackers to take out, he said.
Email
Print
