Feeds

AntiLeaks group claim responsibility for WikiLeaks attacks

DDoS hampers Trapwire surveillance system leaks

3 Big data security analytics techniques

The WikiLeaks website has been under a major DDoS attack over the last few days and a group calling itself AntiLeaks has claimed responsibility.

"We are young adults, citizens of the United States of America and are deeply concerned about the recent developments with Julian Assange and his attempt at asylum in Ecuador," said the group's self-proclaimed leader, who calls himself Diet Pepsi.

"Assange is the head of a new breed of terrorist. We are doing this as a protest against his attempt to escape justice into Ecuador. This would be a catalyst for many more like him to rise up in his place. We will not stop and they will not stop us."

According to the WikiLeaks Twitter feed, the website, and those of its associates and mirrors, have been hit by a massive DDoS attack reaching 10Gbits/s and using a more complex system than a standard bulk UDP or ICMP packet flooding. The range of IP addresses is huge, indicating either thousands of machines taking part or some really good simulation.

The AntiLeaks group hasn't been heard of before and its Twitter feed only started this month. While it's possible they are simply claiming the attacks rather than carrying them out, it's clear the attacks are being taken by WikiLeaks as an attempt to shut down information.

The attack comes as WikiLeaks is trying to distribute more emails from the hacking of private security group Stratfor Global Intelligence. This latest batch, released in the last few days, concern the existence of a US-based monitoring system called Trapwire.

Trapwire was set up by the Abraxis Corporation, a private security operation fun by former intelligence officers and headed by ex-CIA man Richard Helms. The Abraxis CEO said in an interview seven years ago that the system was designed to share threat information and establish patterns of data that could be used to predict attacks.

"It can collect information about people and vehicles that is more accurate than facial recognition, draw patterns, and do threat assessments of areas that may be under observation from terrorists," he said. "The application can do things like 'type' individuals so if people say 'medium build,' you know exactly what that means from that observer."

Helms claimed then that it was the largest source of threat data outside the US government, and the leaked emails show its scope has widened further. According to one from Fred Burton, Stratfor's vice president for intelligence, the Trapwire network is now covering most North American and British high-value targets (HVT.)

"I knew these hacks when they were GS-12's at the CIA. God Bless America. Now they have EVERY major HVT in CONUS, the UK, Canada, Vegas, Los Angeles, NYC as clients," he wrote.

An annual Trapwire license will set the user back $150,000 he said, with a quarter-million dollar signup fee on top.

Meanwhile, the attacks on Wikileaks go on and the organization is appealing for more funds to get extra bandwidth. AntiLeaks might have a few more problems on their hands, however, if Anonymous is to be believed. ®

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.