The wave of electronic assaults, referred to as "Operation Payback" led by the Anonymous group of activists as an effort to conduct denial of service attacks against a wide range of targets has experienced something of a setback and is now changing course. Yesterday's arrest of a Dutch teenager has caused some difficulties for the group as well, as he was apparently the operator of an IRC server coordinating the attacks. The result: a change in course and what appears to be diminished enthusiasm on the part of 4chan denizens who make up the Anonymous collective.
These attacks were aimed at the home sites of the credit card companies. Those sites have high profiles but relatively low traffic levels -- traffic levels that make them more vulnerable to a distributed denial of service (DDoS) attack. Such attacks deliberately spike the traffic to a site and make it inaccessible. But those were just are their public-facing websites, not the transaction processing.
While the headlines Operation Payback has been able to generate with its attacks may be giving the credit card companies a black eye and are a source of embarrassment, they are distorting the actual security threat to the firms' financial systems. Where it counts, which is making sure that when you and I are at the mall buying gifts for our family for Christmas, they've got an amazingly robust infrastructure.
Operation Payback's attacks on Visa and MasterCard were undertaken in retaliation for the companies' decision to refuse to process donations to Wikileaks, a site that most recently made waves by leaking hundreds of thousands of private U.S. State Department messages, some of which were classified as "Secret."
PayPal, an online financial transaction company, took similar action, but its main site did not come under attack. They didn't try to take out PayPal itself because PayPal is way too large and distributed and able to resist the attack, and it wouldn't look good for the attacker so they went after Paypal's blog instead because it was an easier target.
Although the transaction systems of the credit card companies may have been insulated from the denial of service attacks on their home sites, the assaults may have some financial consequences for the firms. Both businesses have programs -- Verified By Visa and MasterCard SecureCode -- that require additional authentication when making online purchases with merchants participating in those programs. Those systems are being affected by these denial of service attacks because they rely on MasterCard's and Visa's websites to be there to type in your extra security code. There is the potential of holiday shoppers shopping online not being able to purchase anything with their MasterCard or Visa, and so it could hit the pocketbooks over at the credit card companies.
But Operation Payback is yesterday's news. Today, it's all about Operation Leakspin. Now apparently Anonymous switched from trying to disrupt anti-Wikileaks sites to trying to spread the info from Wikileaks' secret diplomatic cables in as many ways as possible. This new tactic is called Operation Leakspin.
The idea behind Leakspin is to pick out some of the less-publicized Wikileaks info and post it in innocuous locations, in YouTube videos and on message boards. Videos with popular keywords like "Bieber" could turn out be Anonymous members reading from the secret diplomatic cables. Why the sudden change in tactics? Because the mission all along has been to keep the Wikileaks documents online. "They don't fear the LOIC. They fear exposure," says the Op Leakspin poster.
This morning, Anonymous issued a press release in an attempt to explain its new position. The release states that Anonymous has no interest in compromising personal information or credit card details, but rather that its attacks on financial companies are motivated by a desire to draw attention to the way in which they are hurting WikiLeaks—taking "symbolic action" against the companies' "public faces." The announcement also recognizes that the group has not been doing a good job of explaining its motivation so far.
The authors of the press release also sought to distance themselves from calls made on Twitter yesterday to attack amazon.com—an attack that did not actually occur. A denial of service attack on Amazon was unlikely to succeed—the very reason that WikiLeaks itself used the company for its hosting for a brief period—but more than this, the writers say that such an attack would "affect people such as consumers in a negative way and make them feel threatened by Anonymous." As such, it would be counterproductive and "in bad taste."
In the meantime, several of the Anonymous IRC servers are offline, with some "down for maintenance," which could very well indicate that the group is looking for new hosting. At the very least, they're experiencing serious DNS issues. There also seems to be little enthusiasm for the new approach on 4chan.
Operation Payback has also been slowed down by Twitter and Facebook banning pages that broadcast Anon's plans and calls to action. Although Twitter has said they're not blocking Wikileaks tweets from the trending topics list, they did shut down the Anonymous Operations Twitter account. Facebook took down the equivalent page on its site, too. Naturally, several more have popped up in their place. There are conflicting claims about whether the US government has put pressure on financial services and social media sites to stifle support for Wikileaks.
High Orbit Ion Cannon
But this might not be the end of the DDoS Attacks, today a new tool was released and a new wave of attacks was somehow initiated using the High Orbit Ion Cannon. This new tool is supposed to be more effective, less prone to detection hence theoretically capable of greater damage to targeted websites.