Go to the Globe and Mail homepage

Jump to main navigationJump to main content

WikiLeaks confronts cyberattack Add to ...

Just before WikiLeaks staff made public another massive stock of previously unpublished government documents, the whistle-blowing website allegedly came under cyberattack, presumably as part of an attempt to slow down or stop what is primarily an Internet-based organization.

"We are currently under a mass distributed denial of service attack," WikiLeaks posted on the website's official Twitter account on Sunday, shortly before a select group of news organizations began publishing reports about a new collection of government documents WikiLeaks had obtained.

"El Pais, Le Monde, Spiegel, Guardian & NYT will publish many U.S. embassy cables tonight, even if WikiLeaks goes down," the website's staff added.

A denial of service attack is a means of attempting to shut down a website or computer network by overloading it with data, much in the same way that flooding a highway with cars will eventually bring traffic to a halt. It is a common cyber-warfare technique because it requires scale rather than skill - simply commanding enough computers to send meaningless data to a server can eventually cause that server to crash under the weight.

Because it is inexpensive, it can be launched from numerous computers simultaneously and is thus sometimes difficult to track. Denial of service attacks are popular with groups ranging from individual hackers to organized criminal groups to state governments.

But if WikiLeaks did indeed come under a denial of service attack, it's unclear what the attacker sought to achieve. The U.S. government - WikiLeaks' most vocal critic - likely has access to far more sophisticated methods of undermining the website.

By the time WikiLeaks reported the attack, at least some of the documents it was set to reveal would have already been in the hands of numerous news organizations. In fact, during previous high-profile releases, the WikiLeaks website is often visited simultaneously by so many visitors from around the world that the site becomes difficult to access - in effect, the rush of traffic to the site at the moment WikiLeaks releases big stores of information is often so massive that it has some of the same effects as a co-ordinated denial of service attack.

WikiLeaks staff have been especially diligent about maintaining and protecting the organization's digital presence, especially since the site became a worldwide phenomenon, after the release of sensitive documents relating to the Afghanistan and Iraq wars. Staff often use the website's Twitter feed to highlight or disparage positive or negative coverage. Indeed, the Twitter feed often carries critical remarks about news outlets such as The New York Times, which WikiLeaks often allows to see sensitive data well before the organization makes the same information available to the public at large.

But if WikiLeaks is indeed the subject of co-ordinated cyberattacks, it is not defenceless. The site often releases documents as torrents - files that can be shared by thousands or millions of individual computer users, who in effect act as a worldwide and largely unstoppable distribution mechanism for WikiLeaks' documents. As such, shutting down WikiLeaks after the site makes new information available to the public does almost nothing to stop the spread of that information.

WikiLeaks has also posted a sort of pre-emptive defence against more aggressive attempts to bring down the organization. Recently, the site uploaded a large encrypted file to the Web. WikiLeaks has not made public the password to decrypt the file, but has made it available for anyone to download.

In effect, it is believed that should somebody try to shut down the website or detain its staff, WikiLeaks would release the password, allowing everyone to read what may be a large store of sensitive or embarrassing information. But because nobody outside WikiLeaks knows what the contents of the file are, the tactic may amount to a bluff. WikiLeaks has never explained the contents of the file, referring to it only as "history insurance."

Follow on Twitter: @omarelakkad

 

In the know

Most popular video »

Highlights

More from The Globe and Mail

Most Popular Stories