WikiLeaks Battles Leaked Password, DDoS Attacks

By Fahmida Y. Rashid  |  Posted 2011-09-01

It has not been a good week for WikiLeaks, what with its documents being leaked and its being hit by a denial of service attack from Anonymous. Oh, the irony.

Earlier this week, whistleblower WikiLeaks made public over 250,000 diplomatic cables belonging to United States diplomats without redacting any sensitive information, such as the names of active operatives and informants in other countries. WikiLeaks was "forced" to do this because the password to the server containing the uncensored cables had been publicized in a book published by the Guardian in February, the site said in a lengthy statement Sept. 1. WikiLeaks is suing the Guardian for publishing the password in a book written by journalist David Leigh.

German newspaper Der Freitag claimed to have used the password and accessed the uncensored cables that were available on, of all places, file-sharing site BitTorrent. Julian Assange, the founder and leader of WikiLeaks, claimed that since the information was accessible to anyone with the password, there was no point in the site continuing to redact the cables.

In the past, WikiLeaks had redacted the cables to protect innocent people from reprisal within their home countries as well as to shield active operatives in the field. The release of the full batch of cables negated the earlier efforts.

"Once WikiLeaks had these documents in their possession, it loses control and information gets out whether they intend [it] to or not," said Defense Department spokesman Col. Dave Lapan.

The Guardian claimed that Assange said the password was temporary and would expire. The publication blamed Assange for poor security practices that allowed the encrypted files to be leaked using a temporary password.

The new releases included confidential and secret cables from Sweden and Australia. The Australian cables included a document identifying 23 Australians alleged to have links with al-Qaida.

"On occasions in the past, WikiLeaks has decided to redact identifying features where security operations or safety could be put at risk. This has not occurred in this case," said Robert McClelland, Australia's attorney general, adding that the release was "incredibly irresponsible."

This isn't the first incident where WikiLeaks had problems with the documents provided by whistleblowers around the world. Reports emerged of former WikiLeaks employee Daniel Domscheit-Berg taking some documents, including the full United States no-fly watch list, when he left to start up rival site OpenLeaks. The documents have since been destroyed, according to WikiLeaks.

While the WikiLeaks team was dealing with the exposed password and unredacted documents, the Website was hit by a denial-of-service attack by a hacker under the name AnonCMD.

Anonymous, the loosely knit organization-that's-not-really-an-organization, has been one of the site's staunchest supporters, organizing distributed denial-of-service (DDoS) attacks against companies that severed ties with the Website last winter after thousands of diplomatic cables were posted online. Anonymous off-shoot LulzSec also went after for airing a documentary that wasn't quite flattering to WikiLeaks earlier this year. Yet one of the members, AnonCMD, claimed responsibility on Twitter for the Aug. 31 attack.

It's not unheard of, since Anonymous is not a single organization speaking with a unified voice. There have been many attacks and incidents that some members of Anonymous condemned while others supported. As AnonyOps, one of the members active on Twitter, wrote on Aug. 17 in a statement on Pastebin, "Anonymous is not Unanimous."

"A destructive minority is getting a majority of the press, while those of us who toil in the shadow doing good work for people at home and abroad go unthanked," AnonyOps wrote, concluding with, "Don't let the actions of a few skew your perception of hackers as a whole."

Some members of Anonymous even criticized AnonCMD for attacking WikiLeaks. "any #anonymous supporter who supports @anoncmd needs to take a good long look at what hes done," posted AnonSikko.

It's believed that AnonCMD used RefRef, a new program being developed to disable Websites. It appears that Pastebin and the 4chan forum were also hit by denial-of-service packets from RefRef during the course of the day. The new "tool" is scheduled to be released on Sept. 17.
