WikiLeaks Emerging as Hydra-Like Web Entity That's Hard to Kill

 
 
By Fahmida Y. Rashid  |  Posted 2010-12-08 Email Print this article Print
 
 
 
 
 
 
 

Even as WikiLeaks continues to publish its thousands of leaked cables from U.S. diplomats the site is taking steps to stay online despite repeated cyber-attacks, canceled services and government action.

WikiLeaks keeps finding ways to stay online even as it gets hit with repeated denial-of-service attacks aimed at keeping people from accessing the site and despite decisions by technology and financial companies to terminate essential services. 

With each passing day it's getting harder to shut WeakiLeaks down, according to technology experts. "The harder you hit them, the bigger they get," wrote James Cowie, CTO at Internet monitoring firm Renesys. 

In the past 10 days since WikiLeaks began publishing thousands of leaked U.S. diplomatic messages, Amazon has canceled its hosting service, everyDNS terminated its domain name server services, and PayPal, PostFinance, MasterCard and Visa Europe have frozen its accounts.  

WikiLeaks continues to be hit by DOS attacks to shut down the site, with the first attack hitting hours before it published the first batch of diplomatic messages. Instead of relying on just one domain name service provider, the site currently has 14 name servers from 11 different providers in eight different countries, including Switzerland, Germany, Canada and Malaysia, listed in its WHOIS information.  

WikiLeaks has a number of other top-level domains in case WikiLeaks.ch gets knocked off line, including France, Germany, the Netherlands, Norway and Iceland. The geo-diversification makes it very hard to take WikiLeaks down, wrote Cowie. 

Shortly after U.S.-based DNS provider everyDNS terminated service, easyDNS' CEO said the company would be willing to work with WikiLeaks provided certain conditions were met. As the company is based in Toronto, easyDNS would not be subject to U.S. laws "with respect to takedown requests," said Mark Jeftovic.

As of Dec. 8, WikiLeaks.ch listed two easyDNS name servers. EasyDNS is also serving other WikiLeaks domains, according to Jeftovic. Last week, WikiLeaks.nl listed Nevada-based Rollernut for DNS, which has been replaced by EasyDNS. 

The DNS for WikiLeaks is "confined" to the Prolexic anycast name server, said Jeftovic. The four servers, deployed in "London, Hong Kong and on the east and west coasts of North America," were selected because Prolexic specializes in "soaking up DOS attacks" and they do that "very well," he wrote. Even anticipating that WikiLeaks will be attacked, easyDNS is "confident" that there will be "little effect" on other customer domains or even on WikiLeaks, Jeftovic said. 

Now that WikiLeaks is "spreading in a multi-mirrored fashion, it's really gone hydra now," he wrote. "There's no center of gravity" for attackers to take out, he said. 



 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel