Forgot your password?
typodupeerror
Security The Internet IT

WikiLeaks Back Online After Massive DDoS Attack 56

Posted by Soulskill
from the of-barn-doors-and-horses dept.
Trailrunner7 writes "Controversial document-sharing site WikiLeaks was back online Monday evening after sustaining a week-long distributed denial-of-service attack. The organization apparently received some extra capacity and assistance from Web performance and security firm Cloudfare to counter the 10 gigabits per second of bogus traffic that overwhelmed servers for numerous WikiLeaks domains and several supporters' sites. Targets included WikiLeaks' news aggregation site and its donations infrastructure, which it calls the Fund for Network Neutrality. A few days ago the organization posted a statement describing what it surmised was a DNS amplification attack. 'Broadly speaking, this attack makes use of open DNS servers where attackers send a small request to, the fast DNS servers then amplify the request, the request has now increased somewhat in size and is sent to the server of wikileaks-press.org. If an attacker then exploits hundreds of thousands of open DNS resolvers and sends millions of requests to each of them, the attack becomes quite powerful. We only have a small uplink to our server, the size of all these requests was 100,000 times the size of our uplink.'"
This discussion has been archived. No new comments can be posted.

WikiLeaks Back Online After Massive DDoS Attack

Comments Filter:
  • by crazyjj (2598719) * on Tuesday August 14, 2012 @02:25PM (#40987243)

    It's funny how everyone says they like the truth, openness, honesty, free speech--all that shit. Well, until someone dares actually exercise any of that stuff when it exposes THEM, of course. Then it's GODDAMN WAR!!

    It kind of reminds me of the old crack my union friend used to make back in the day: "Ronald Reagan loves labor unions, as long as they're in Poland."

    • "If they're shooting at you then you must be doing something right"
      • by KhabaLox (1906148)

        "If they're shooting at you then you must be doing something right"

        -- Muammar Gaddafi

        • "If they're shooting at you then you must be doing something right"

          -- Muammar Gaddafi

          FTFY

          -- Andrew Mackintosh, West Wing

    • by Baloroth (2370816)

      It's funny how everyone says they like the truth, openness, honesty, free speech--all that shit. Well, until someone dares actually exercise any of that stuff when it exposes THEM, of course. Then it's GODDAMN WAR!!

      It kind of reminds me of the old crack my union friend used to make back in the day: "Ronald Reagan loves labor unions, as long as they're in Poland."

      Wait, who are you talking about here? Because a DDoS attack is exactly how most Wikileaks supporters act against their perceived enemies, and I have to say, I think having the tables turned and have Wikileaks DDoSed in turn is, well, highly appropriate. Maybe now their supporters will learn that breaking the Internet in such a manner to make a point is not acceptable, from anyone.

      Who am I kidding, they'll probably search for the source and launch a DDoS attack of their own. People never learn, and large mo

      • by KhabaLox (1906148)

        I think having the tables turned and have Wikileaks DDoSed in turn is, well, highly appropriate.

        I am in no ways an expert in this type of thing, but from the sound of it, the DDoS on WL was much more sophisticated that those normally perpetrated by Anonymous and the like.

      • Because a DDoS attack is exactly how most Wikileaks supporters act against their perceived enemies,

        [citation needed]

        I'm a WikiLeask supporter; I've never DDoS'd anyone.

    • by daveschroeder (516195) * on Tuesday August 14, 2012 @03:07PM (#40987873)

      So since you seem to be implying that the US and/or the West was behind a DDoS — because that's how the US rolls in the cyber realm: DDoSing targets [insert rolling eyes emoticon here] — I think you should turn your attention to this:

      http://wikileaks.org/syria-files/ [wikileaks.org]

      ---

      Social Media Becoming Online Battlefield in Syria - Mashable

      Social media is often credited with helping spread the Arab Spring, as activists shared messages of discontent and organized protests using Facebook and Twitter. More than a year after the Arab Spring began in Tunisia, it has become a megaphone for propaganda from both sides of the struggle in conflict-ridden Syria.

      http://mashable.com/2012/08/09/social-media-syria/ [mashable.com]

      ---

      Disinformation flies in Syria's growing cyber war - Reuters

      On Sunday, it was a hijacked Reuters Twitter feed trying to create the impression of a rebel collapse in Aleppo. On Monday, it was another account purporting to be a Russian diplomat announcing the death in Damascus of Syrian President Bashar al-Assad.

      http://www.reuters.com/article/2012/08/07/us-syria-crisis-hacking-idUSBRE8760GI20120807 [reuters.com]

      ---

      Reuters Twitter account hijacked, fake tweets sent - CNET

      The hack of news agency's tech feed comes two days after its Web site was breached and defaced with a phony pro-Syrian government story.

      http://news.cnet.com/8301-1023_3-57486971-93/reuters-twitter-account-hijacked-fake-tweets-sent/ [cnet.com]

      ---

      Reuters hacked, phony Syria stories posted - CNET

      Bogus posts reported on setbacks suffered by rebel Free Syrian Army fighting Assad regime.

      http://news.cnet.com/8301-1009_3-57486463-83/reuters-hacked-phony-syria-stories-posted/ [cnet.com]

      ---

      Nah, it's easier to live in the topsy-turvy bizarro land where the US is what's wrong with the world.

      • by VON-MAN (621853)
        I don't think he implied anything *rolls eyes*, but: yes, it might well be Syria or supporters.
    • by kiwimate (458274)

      It's funny how everyone says they like the truth, openness, honesty, free speech--all that shit. Well, until someone dares actually exercise any of that stuff when it exposes THEM, of course. Then it's GODDAMN WAR!!

      You're talking about Julian Assange, right?

    • by Desler (1608317)

      It's funny how everyone says they like the truth, openness, honesty, free speech--all that shit. Well, until someone dares actually exercise any of that stuff when it exposes THEM, of course. Then it's GODDAMN WAR!!

      Yes, your indignation is even more funny since Wikileaks supporters have DDoSed others for exercising their rights to free speech and free association, too.

    • by poity (465672)

      Why couldn't it just be some anons doing it for lulz? Or some other country that doesn't like to preach about "openness, honesty, free speech"? After all, Wikileaks has released documents on more than one country.

      Also, don't forget the two verses of the Slashdot Gospel: 1) ip address is insufficient to identify people, 2) we cannot jump to conclusions since more than one entity can benefit from this act, and this could very well be a false flag to discredit a country.

      (source: 1) every slashdot article about

      • by Desler (1608317)

        But we are only supposed to be skeptical of things that aren't our sacred cows. This is why this very same person will handwave away any evidence that disproves AGW denialism (even when it comes from studies consucted and funded by other denialists) but if Julian Assange or Wikileaks says anything he attacks anyone who dares question them.

      • by Rei (128717)

        Why couldn't it just be some anons doing it for lulz?

        What makes you think that DietPepsi [theregister.co.uk] is not the leader's real name? ;)

  • Bravo Cloudflare! (Score:5, Interesting)

    by John3 (85454) <(moc.sllenroc) (ta) (3nhoj)> on Tuesday August 14, 2012 @02:41PM (#40987491) Homepage Journal

    I've been using Cloudflare [cloudflare.com] for my DNS hosting since the beta days and they are an outstanding group of individuals. Their free DNS hosting is top-notch, with no pressure to upgrade to the paid option. They are some of the same people behind Project Honeypot [projecthoneypot.org]. It's good to see firms like Cloudflare stand up and be counted when free and open access to information is threatened.

  • CloudFlare has patched the exploit that hit Amazons EC3 when wikileaks was hosted there?
    Joe Liebermann is an awfully nasty bug going around.
  • by Aldhibah (834863) on Tuesday August 14, 2012 @03:06PM (#40987865)

    I think we need another term to describe DDoS attack other than massive. Every DDoS attack is massive, that's kind of how they work. How about megalithic, prodigious, elephantine or gargantuan? Other suggestions?

    • by Havenwar (867124) on Tuesday August 14, 2012 @03:18PM (#40988053)

      How about childish, old fashioned, pointless?

      I mean seriously, even if you manage to "kill" a large entity on the internet with a DDoS, all you do is give them more publicity and a few hours of people going "What? Where did it go? Oh, I'll check again to see if it works later." Shut a site down for days, keep it troubled for weeks, and you've expended great amounts of resources at.... giving them more publicity. If you've caused them any pain it's miniscule, they've regrouped, patched a few systems, installed a couple of load balancers, whatever it is they do... and then they are back. And the attack is over.

      It always ends.

      The only entity that a DDoS could be expected to be truly effective against would be one too small to be worth using it against.

      • by moeinvt (851793)

        "The only entity that a DDoS could be expected to be truly effective against would be one too small to be worth using it against."

        Depends what you mean by "effective". Knocking out a site permanently? Of course not. Putting it out of service at a time that's critical to the business? It happens.

        I read an article where a gambling site was being extorted by a group threatening to do a DDoS attack at critical moments, say, right before some big sporting event. It was actually very effective.

        • by Havenwar (867124)

          Fair enough, for an extremely small subset of sites I can see how it would have a worrisome impact on their bottom line, namely as you mentioned betting sites if properly timed. I'm sure there are one or two other use-cases I'm missing, but the point remains... DDoS has become the hammer of the "angry child on the internet" toolbox. To them, every problem looks like a nail. To most of us, we just roll our eyes at them and get on with our lives. Maybe we have some interesting discussions on internet security

      • If you've caused them any pain it's miniscule, they've regrouped, patched a few systems, installed a couple of load balancers, whatever it is they do.

        You need sufficiant bandwidth to receive all the traffic (legit and DDoS) and then sufficient hardware to return legitimate responses for the legimate traffic while dealing with the DDoS traffic. Depending on the details of the DDoS traffic it may be possible to filter it or it may have to be dealt with as if it was legitimate traffic. For a large scale DDoS attack you are unlikely to have these resources in-house so you will have to find a company (likely a content delivery network) to do it for you. Unles

        • by Havenwar (867124)

          Yes, it is indeed a foregone conclusion that the attacker will break first, if the company/entity they are attacking is anything but small to mid sized. Anything larger than that should be able to absorb the costs you talk about as a roadbump. A significant loss, quite possibly, but in business school they taught us to always be prepared for unexpected loss.

          Your hosting provider won't let you sit back and wait? Do they also hold you responsible for lightning strikes? I think you need to switch hosting provi

    • Well, when talking about a Denial-Of-Service (DOS) attack, if you want to elaborate with a new prefix, you need to address several things. One, the scope - is this a localized source, is it international, etc? Secondly, the scale - are we dealing with a large-scale attack, a small-scale attack, etc? Third, is it an automated attack with centralized control, such as a botnet or LOIC, or is it more akin to a "flash mob" DOS? In this particular case, we're dealing with a (G)lobal, (L)arge-scale and (A) aut

    • I like "Jovian". Has a ring of absurdity to it.

  • by logicassasin (318009) on Tuesday August 14, 2012 @04:39PM (#40989267)

    "Freedom of Speech... Just watch what you say"

    http://en.wikipedia.org/wiki/The_Iceberg/Freedom_Of_Speech..._Just_Watch_What_You_Say [wikipedia.org]!

    I think the album cover is most appropriate in this situation.

  • When you're in the business of pissing off companies, governments, and occasionally people, it's a bit naive to assume that they won't respond in some way..

"Well hello there Charlie Brown, you blockhead." -- Lucy Van Pelt

Working...