http://www.digitaljournal.com/article/301414

Hacktivists and the Internet Special

Posted Dec 14, 2010 by Jane Fazackarley
Recently a 16-year old Dutch boy was arrested, and it seems that he may have some connection with Operation Payback and the recent action by hacktivists that targeted sites such as PayPal and Mastercard.
Details of the story appeared on the NPR website. They report that the FBI and the Justice Department computer crime unit are trying to find the hackers behind Operation Payback.
Researchers at the University of Twente in The Netherlands say that the hackers would not be difficult to find because the type of software that they are using could make them easily identifiable.
The latest cyber-protest by the group,which is named "Anonymous", was launched last week and targeted companies who had announced that they were severing their ties with Wikileaks. Sites like Amazon and the website belonging to Sarah Palin also came under a DDoS attack.
The Daily Mail reported that the DDoS attack involved the use of approximately 5,000 computers. A spokesman for the group behind the attacks told the Daily Mail:
"Websites that are bowing down to government pressure have become targets."
"We feel that WikiLeaks has become more than just about leaking of documents, it has become a war ground, the people versus the government."
"The idea is not to wipe them off but to give the companies a wake-up call."
The attack has now moved to fax machines, according to an article published today on the website Tech Eye.
Using a free fax service the hackers have started a “leakflood” mission which aims to bombard companies with a large volume of faxes. The hackers are said to have listed some fax numbers belonging to the likes of Amazon, Pay Pal and others that are to be the focus of the action.
Amichai Shulman is CTO of Imperva Data Security, in an email he explained more about Operation Payback and the Distributed Denial of Service attacks:
"Operation Payback is a series of Distributed Denial of Service (DDoS) attacks carried out by hacktivists, named Anonymous, as of September 2010. Their campaign focuses against targets that impose what they consider as, “Internet censorship.” The group’s initial goal was to bring down anti-piracy sites, such as the RIAA and MPAA because of their actions against illegal file sharers."
Amichai Shulman also explained the potential effects on companies like Mastercard:
"The effect on these companies by this specific campaign is brand damage as their site becomes inaccessible. In fact, the operators of this campaign claimed that they want to bring attention to their cause, not harm users in carrying on their daily online purchasing activity."
"However, it is important to consider this operation in the context of a wake-up call to the impact and threat of a DDoS attack. Consider the scenario where the online payment service of a company is knocked offline. The core business of today’s digital enterprise relies on these services and the equation is simple- the longer the servers are offline, the more money the business is losing. Couple that with the busy holiday season, which most companies rely on as a heavy bulk of their annual revenue, and you can picture how online availability is crucial. The business loss may increase since while the servers are rendered unavailable, or if security controls are found to be inept, customers and partners may decide to leave for competitors."
Shulman also told me more about how the DDoS attack was organised:
"To conduct these attacks, members of Anonymous downloaded a tool named the Low Orbit Ion Cannon (LOIC). This tool could be configured to DDoS a certain server. In effect, the individuals were knowingly engaging themselves in a “voluntary botnet” - an attack where thousands of computers focus their resources at overwhelming a specific target. Upon call, all the machines with the LOIC installed would start spurting malicious traffic targeted against the victim."
"As media attention rose, the number of participants in the “voluntary botnet” increased, achieving a snowball effect. However, at a certain stage botnet farmers – i.e. criminals who maintain and control compromised machines - began to donate their bots to their campaign in order to increase attack “horse-power.” We are aware of botnet farmers claiming to donate 30K and 100K bots to this effort. In addition, the operators of the campaign started to camouflage a Javascript version of the attack tool behind appealing contents (such as porn) to lure users to unknowingly engage in the DDoS activity."
DDoS attacks aren't new. Register.com were the first to be taken offline by a DDos back in 2001. In 2009 Twitter were the target of one which is detailed on Techcrunch. Facebook were also affected but the website stayed online.
I asked Amichai Shulman if he thought that these DDoS attacks would become increasingly common. He replied:
"Yes. The evolution of the Anonymous DDoS attacks shows that hacktivists are starting to use the same tools that are used by industrial hackers (i.e. hackers who attack systems for the purpose of financial profit). The hacker industry is thriving with success stories while employing business models that are in short, working. Operation Payback comes to show that when hacktivists adopt these methods – they garner success. As long as the hacker industry is one step ahead of the game, we will continue seeing more cyber attacks – on all layers (such as online applications) – of the business."