Wikileaks Begs Supporters to Call off Massive Cyber Attack on US: Supporters in Bid to “Take Down Internet in Revenge for US government Cutting Assange’s Web Links After Hillary Email Leaks”
A MASSIVE co-ordinated series of cyber attacks has forced hundreds of major websites from Amazon to Twitter offline across the globe — and WikiLeaks believes its supporters were responsible.
It urged its backers to “stop taking down the US internet”, saying “Mr Assange is still alive and WikiLeaks is still publishing”.
It then tweeted: “The Obama administration should not have attempted to misuse its instruments of state to stop criticism of its ruling party candidate.”
The Ecuadorian government switched off Assange’s Internet service Sunday after he released another tranche of emails showing the contents of a speech given by Hillary Clinton to Goldman Sachs.
WikiLeaks accused John Kerry and the US Government of asking Ecuador to shut down Assange’s Internet connection, but the South American country denied it came under any pressure from the US or any other government.
The Department of Homeland Security has already launched an urgent investigation into the crash, amid claims it could be a precursor to an attempt to disrupt the US Presidential election further.
Wikileaks has already come under fire for its decision to publish around 20,000 from John Podesta, Clinton’s campaign chair.
Internet service company Dyn, which controls the “address book” of the Internet for dozens of major companies, said that it had suffered its first denial of service (DDoS) attack shortly after 6AM ET (11AM BST), in an attack that mostly affected the east coast of the US.
It told CNBC the attack is “well planned and executed, coming from tens of millions [of] IP addresses at [the] same time.”
It confirmed a second attack at 1PM ET, which appeared to be centered on UK servers, and later said “several” attacks were underway on servers across the globe, with the west coast being particularly badly hit.
It was not immediately clear who was responsible and Gillian Christensen of the U.S. Department of Homeland Security said the agency was “investigating all potential causes.”
Political commentor Keith Olbermann even raised the possibility it could be a precursor to an attack on election day.
“Say, not to panic anybody, but what if the (attacks) today were practice for 11/8 ?” he tweeted.
Dyn said it had resolved one attack, which disrupted operations for about two hours, but disclosed a second attack a few hours later that was causing further disruptions.
After tweeting it had fixed the issue, the firm then tweeted “We are continuing to mitigate a DDoS against our Managed DNS network,” as the second wave hit.
The cyber attack meant that millions of Internet users could not access the websites of major online companies such as Netflix and Reddit as well as the crafts marketplace Etsy and the software developer site Github, according to media reports.
The website Gizmodo said it had received reports of difficulty at sites for media outlets including CNN, The Guardian, Wired, HBO and People as well as the money transfer service PayPal.
“This has prevented some of our customers from being able to pay with PayPal in certain regions,” said Paypal spokeswoman Amanda Miller.
“PayPal was not attacked directly, nor were any of our core services to business impacted in the disruption.”
Amazon.com Inc’s web services division, one of the world’s biggest cloud computing companies, also disclosed an outage that lasted several hours on Friday morning.
Doug Madory, director of internet analysis at Dyn, told Reuters he was not sure if the outages at Dyn and Amazon were connected.
“We provide service to Amazon but theirs is a complex network so it is hard to be definitive about causality at the moment,” he said.
Amazon could not immediately be reached for comment.
New Hampshire-based Dyn said its server infrastructure was hit by a distributed denial-of-service attack, which works by overwhelming targeted machines with malicious electronic traffic.
The level of disruption caused was hard to gauge, but Dyn provides Internet traffic optimisation to some of the biggest names on the web.
“This morning, October 21, Dyn received a global DDoS attack on our Managed DNS infrastructure in the east coast of the United States,” said Scott Hilton, executive vice president for products at Dyn, in a statement.
“DNS traffic resolved from east coast name server locations are experiencing a service degradation or intermittent interruption during this time,” Hilton added.
“We have been aggressively mitigating the DDoS attack against our infrastructure.”
DDoS attacks are a primitive form of hacking using botnets — networks of computers that hackers bring under their control.
They do this by getting users to inadvertently download software, typically by following a link in an email or agreeing to download a corrupted file.
These botnets are then used to bombard the servers with simple requests for information carried out simultaneously, causing them to become overwhelmed and shut down.
The attack was first reported on website Hacker News, which named social media giant Twitter along with music service Spotify among a list of “sites down”.
“O-M-G… Twitter is down. That’s what you may have heard many of your friends, family members and work colleagues saying today if they were based in the US and some other parts of the world,” said Lee Munson, security researcher for Comparitech.com.
“The reason being, online criminals have once again gone after a significant site with a DDoS attack.
“Not Twitter, or other popular and equally affected sites such as Spotify, Reddit, Github and SoundCloud though, but rather DNS provider Dyn.
“And that highlights a problem — any company running its own website may well have its own technology in place to mitigate DDoS attacks, but it’s all for nought if the DNS provider itself is not applying a sufficient enough level of protection to its own servers and data centres.”
Users in the UK were mostly unaffected by the issue.
Commenting on this, Richard Meeus, VP technology EMEA at NSFOCUS, a DDoS mitigation company, said: “DNS has often been neglected in terms of its security and availability from an enterprise perspective — it is treated as if it will always be there in the same way that water comes out of the tap and electricity is there when you switch it on.
“This attack highlights how critical DNS is to maintaining a stable and secure Internet presence, and that the DDOS mitigation processes businesses have in place are just as relevant to their DNS service as it is to the web servers and datacentres.”
Reports suggest that some of the affected websites have since improved in reliability.
An FBI representative said she had no immediate comment on the outages.
Dyn is a Manchester, New Hampshire-based provider of Internet infrastructure services, including managing DNS activity that connects a user to a website’s servers.
David Gibson, VP of strategy and market development at Varonis said: “Like many of our aging technologies, DNS wasn’t built with security in mind.
“Unfortunately, DNS is a foundation technology for the Internet that allows people to connect to Internet resources with human names rather than IP addresses (think of them as Internet phone numbers), and when its vulnerabilities are exploited attackers can do a lot of damage — computers don’t know which ‘phone number’ to call when you want to connect to a particular site, like Hacker News.
“DNS is one of the aging technologies the industry is struggling to update, along with one-factor authentication (password-only security), unencrypted web connections — the list is very long, and the stakes have never been higher.
“Many people and organisations are affected by today’s attack and by the email and file (e.g. video) leaks over the past couple months.”
* * *
Source: Daily Mail
* * *
* * *