Government sites braced for attack by pro-WikiLeaks ‘hacktivists’
Whitehall is preparing for a crippling attack on government websites as evidence mounts that the backlash against the arrest of the WikiLeaks founder Julian Assange is rapidly growing into a mass movement that aims to cause widespread disruption on the internet.
Extra security measures have been added to a host of government web services, in particular those used to claim benefits or provide tax information, after Sir Peter Ricketts, the national security adviser, warned permanent secretaries across all departments that “hacktivists” who last week targeted the sites of companies such as MasterCard and PayPal could switch their focus to Britain.
Downing Street officials confirmed they are preparing for a court appearance today by Mr Assange, who remains in custody following his arrest on sex allegations at the request of the Swedish authorities, to be used by hackers as an excuse to switch their focus to key cyber infrastructure such as the website of HM Revenue and Customs. Members of the online collective Anonymous have already signalled their willingness to attack UK targets if Mr Assange – who denies the claims and whose lawyers will today apply for bail – is extradited to Sweden.
The ability of amorphous groups such as Anonymous to disrupt and paralyse websites was displayed again yesterday when hackers obtained the passwords of 1.3 million users of the gossip website Gawker and posted them online. The motivation for the attack, claimed by a group calling itself Gnosis, was unclear, but Gawker has previously published blogs criticising Mr Assange and 4chan, the messaging board that spawned Anonymous. In the wake of the attack, Gawker’s Twitter accounts were hijacked to publish messages supporting WikiLeaks.
Amazon, the world’s biggest online retailer, insisted yesterday that the disappearance of its European websites for about 30 minutes on Sunday was due to a “hardware failure”. The company is one of those which had been threatened as part of Operation Payback, the attempt by Anonymous to mount attacks against companies which withdrew services from WikiLeaks in the wake of its publication of US diplomatic cables.
The anger of Mr Assange’s supporters is likely to be increased by a claim from his British lawyer yesterday that a grand jury has been secretly empanelled in Virginia to consider charges against the Australian over the diplomatic telegrams.
In an online posting yesterday, one Anonymous hacker confirmed plans to attack Amazon (although others have said attacking the site when users are trying to buy Christmas presents would be counter-productive) and said the organisation was ready to attack governments: “It is definitely an information war. The core principle behind it is: information is free, governments keep information to themselves, WikiLeaks releases it to the general public and the war occurs.”
Internet activists have already targeted the website of the Swedish judicial authorities bringing the rape allegations against Mr Assange and it is understood Whitehall officials have been warned an attack is likely to take the form of an attempt to hack into databases or a distributed denial-of-service (DDoS), where thousands of “zombie” computers are used to bombard a web service with requests and thus bring it to a halt.
IT experts have warned that Whitehall is particularly vulnerable to cyber attacks because many computers still run on an outdated version of Internet Explorer which is known to be at particular risk to hackers. The Coalition has ruled out an upgrade on the grounds of cost.
Downing Street said last night that the focus of preparations for a WikiLeaks-linked attack was on protecting information held about private citizens on sites such as those operated by the Department of Work and Pensions. A spokesman for David Cameron said: “The priority would be websites where we are dealing with information that belongs to members of the public.”
The alert at Whitehall is just the latest sign that the world wide web, which marks its 20th birthday this month, is coming of age as a target for dissent as well as a potent means of expressing it. Thousands of people have downloaded the tool, known as LOIC or Low Orbit Ion Cannon, offered by Operation Payback to aid attacks on the websites of MasterCard, Visa and PayPal. Experts said the arrival of LOIC represented a disturbing evolution which makes DDoS attacks, hitherto the domain of cyber criminals seeking to extort money from companies, a tool of mass protest.
Rik Ferguson, a security researcher with Trend Micro, said: “These types of attack are still very difficult to defend against and now we are seeing an exponential increase in those prepared to hand over their computers for such a use. Electronic attacks are no different to attacks on physical infrastructure. They are designed to inconvenience and to disrupt, to have a financial impact to the victim and to anyone relying on that victim’s services.”
IS ANYWHERE SAFE ONLINE?
* The attacks on Visa, MasterCard and Amazon prompted by the WikiLeaks affair have grabbed the headlines – but the hackers who have tried to bring those sites down have merely inconvenienced users. The latest attack on Gawker is part of a more frightening phenomenon where users registered with certain websites find that their personal information is vulnerable to determined experts with malicious intent.
There are many other examples besides Gawker, some of them based on technical vulnerabilities, others on users’ carelessness. The online social world Second Life has had customer accounts hacked, revealing personal information. Scammers have successfully drained PayPal accounts through iTunes by hoaxing people into giving up passwords. And any email account is at risk if a hacker decides to target you and you either have an obvious password or an easily bypassed password reset system – if, for instance, your password can be obtained via a secondary email account that you have allowed to expire and that a hacker can re-register.
Those risks are made greater when companies do not deploy adequate security. But experts say that many apparently secure sites can be ripped open by sufficiently sophisticated hackers. To minimise the risks, it makes sense to only give sensitive personal information to websites you trust.