10 Comments

Summary:

Terms like “cyber-war” have been used to describe the denial-of-service attacks waged by anonymous hackers against the companies that cut off support for WikiLeaks. But the attacks were nothing like a real cyber-war, security experts say, and calling them that could have unintended consequences.

2750044326_210420f275_z

Terms like “cyber-war” have been used a lot in the wake of the recent denial-of-service attacks on MasterCard, Visa and other entities that cut off support for WikiLeaks. But do these attacks really qualify? An analysis by network security firm Arbor Networks suggests that they don’t, and that what we have seen from the group Anonymous and “Operation Payback” is more like vandalism or civil disobedience. And we should be careful about tossing around terms like cyber-war — some believe the government is just itching to find an excuse to adopt unprecedented Internet monitoring powers, and cyber-war would be just the ticket.

The “info-war” description has been used by a number of media outlets in referring to the activities of Anonymous, the loosely organized group of hackers — associated with the counter-culture website known as 4chan — who have been using a number of Twitter accounts and other online forums to coordinate the attacks on MasterCard and others over the past week. But the idea got a big boost from John Perry Barlow, an online veteran and co-founder of the Electronic Frontier Federation, who said on Twitter that:

The first serious infowar is now engaged. The field of battle is WikiLeaks. You are the troops.

As stirring an image as that might be, however — especially to suburban teenagers downloading a DDoS script from Anonymous, who might like to think of themselves as warriors in the battle for truth and justice — there is no real indication that Operation Payback has even come close to being a real “info-war.” While the attacks have been getting more complex, in the sense that they are using a number of different exploits, Arbor Networks says its research shows that they are still relatively puny and unsophisticated compared with other hacking incidents in the past.

Distributed denial-of-service attacks like the kind Operation Payback has been involved with have definitely been ramping up in size over the past few years, Arbor says, with large “flooding attacks” involving as much as 50 gigabytes gigabits per second of data or more, something that can overwhelm data centers and carrier backbones.

So were the Operation Payback strikes against Amazon, MasterCard, Visa and a Swedish bank (which cut off funds belonging to WikiLeaks) in this category? No, says Arbor.

Were these attacks massive high-end flooding DDoS or very sophisticated application level attacks? Neither. Despite the thousands of tweets, press articles and endless hype, most of the attacks over the last week were both relatively small and unsophisticated. In short, other than than intense media scrutiny, the attacks were unremarkable.

In other words, the most impressive thing about the attacks is the name of the easily downloadable tool they employ, which hackers like to call a “Low Orbit Ion Cannon” or LOIC for short (there are also a couple of related programs with minor modifications that are known as the “High Orbit Ion Cannon” and the “Geosynchronous Orbit Ion Cannon”). But unlike a real ion cannon, the ones used by Operation Payback only managed to take down the websites of their victims for a few hours at most. Amazon’s website and services weren’t even affected by the group, which eventually gave up trying.

As Arbor notes in its blog post on the attacks, however, real cyber-war is something the U.S. government and other governments are very interested in, for a variety of reasons — and it has a lot more to do with malicious worms such as Stuxnet, which seeks out and disables specific machinery in a deliberate wave of sabotage, than it does some DDoS attacks run by voluntary bot-nets such as the one organized by Anonymous. Among other things — as investigative journalism Seymour Hersh noted in a recent New Yorker piece entitled “The Online Threat: Should We Be Worried About a Cyber War?” — such a war would give the military even more justification for monitoring and potentially having back-door access to networks and systems, allegedly to defend against foreign attacks.

Related GigaOM Pro content (sub req’d):

Post and thumbnail photo courtesy of Flickr user Zakwitnij/a>

  1. Puff so much denial of service attacks the must contract very good sys admins for protect their mirrors.., great picture! very funny

    Share
    1. Thanks, Bob — I like the picture too :-)

      Share
  2. agreed blown out of proportion. be careful about those who claim responsibility. cia, russia, china, saudis, brits, mossad could be responsible for the attacks. they are the kings of false flag operations.

    Share
    1. good point, eLeaks — thanks for the comment.

      Share
  3. WeAreAllAnonymous Thursday, December 16, 2010

    Ohh look Anonymous DDOS’s Arbor Networks.

    Good job Arbor guys.

    Share
  4. I really don’t know what to make out of Wikileaks, whether what they’re doing is right or not, whether or not PayPal and other companies should give in to government requests, and the DDOS attacks…what a mess.

    Share
  5. As @mikkohypponen said “If we call these attacks a cyberwar, what are we going to call it when nations attack each other with cyberattacks launched by their armies?”

    Share
  6. i agree throwing around terms like “cyber-war” is a bit of a hyperbolic stretch

    in my humble opinion…

    the term “info-wars” to me is more like;
    - striving for total undisputed control of information; either directly (censorship) or indirectly (kinda like strategically misleading public interest)
    - or a constant attempt to distract over all public attention with entertainment and celebrity gossip
    - kinda like artificially inflating or deflating the impact or severity of current events
    - almost like orchestrating beneficial social stereotypes and status quo’s
    - and last but not least owning media networks – with massively broad penetration (in the hundred millions) that consistently focusing less on facts and anecdotal evidence to instead focus more on hammering their audience with catchy talking points and/or carefully constructing opinions that are simple and easy to understand.

    while the term “cyber wars” is more like deploying automated killing machines, or using software to take out communication networks instead of the old school way a la dropping bombs

    and while we’re on the subject…

    yea targeting consumer facing sites and services doesn’t really “make a difference” long term and is more like an annoyance but still you gotta respect the enthusiasm of that movement not to mention be impressed by the level of connectedness the medium known as the internet brings to our society where one or two completely anonymous individuals can organize “online protests” with thousands of strangers in a way that requires little effort

    in the end if you really want to “change the world” or “make a difference” or even just get a different point of view out to the public… for the greater good of humanity or for you own selfish reasons – it will mostly require a whole lot of capital ($$$), effort, passion and luck.

    kinda like viral and social media marketing…

    Share
  7. [...] began talking in terms of “cyber-war” — though GigaOM’s Mathew Ingram cautioned against that type of language from all sides — and were urged on from jail by Assange. NYU professor [...]

    Share
  8. [...] were most recently used to take down the sites of major credit card companies as part of the Anonymous revenge for actions taken against WikiLeaks. However, users tend to actively take part in a DDOS attack. In the case of this type of exploit, [...]

    Share

Comments have been disabled for this post