Wikileaks hit by 'denial of service attack'

Wikileaks

Wikileaks claimed to have been hit by a "mass distributed denial of service attack" yesterday.

The revelation came over the organisation's Twitter page on the day Wikileaks started to release a range of US Embassy cable communications.

The released data includes cables from 1966 up to the end of February 2010, covering confidential communications between 274 embassies in countries across the world and the US.

Wikileaks' website is now up and running as it continues to leak documents.

A hacker going by the name of th3j35t3r' claimed over Twitter to have been responsible for taking down the website.

Administrations across the world have raised concerns about the fallout of the leaks, with the US condemning the actions of Wikileaks, claiming the lives of diplomats have been placed at risk.

Julian Assange, Wikileaks founder, countered by claiming US authorities were worried about being held to account.

China hack

Although the documents have not been fully released yet, as they will be trickled out over the coming months, some information has emerged.

One document, picked up by the New York Times, claimed to cover communications from a Chinese contact telling the American Embassy in Beijing that China's Politburo had ordered a hack attack on Google.

The cable also reportedly suggested the Google hack formed part of a wider operation by the Chinese Government to breach systems including those of Western allies and US businesses.

According to the communications, the hacking work had been going on since 2002.

Google had threatened to leave China altogether earlier this year following claims the search giant had been hit by hack emanating from the emerging economic superpower. Google also cited issues with censorship controls in the country as a reason for potentially pulling out.

David Harley, senior research fellow at ESET, still had reservations about the provenance and motivations behind the attack.

"While Wikileaks has turned up some interesting comment from government officials, it would be naive to assume that these people have the best understanding of what's really happening," Harley told IT PRO.

"We do know that there's been quite a lot of samurai (hackers-for-hire) activity out of China for quite a few years, targeting both military and commercial enterprises, and some of that is claimed (in some cases, by the perpetrators) to have been state or military-sponsored, so given the difficulties between Google and China in the past year, we're clearly not looking at the flatly impossible."

Business message?

Nick Lowe, head of Western Europe sales for Check Point, said the fact that many workers had authorised access to the US Government network SIPRNET, from which the information was leaked, showed controls may not have been adequate.

"The fact that hundreds of thousands of authorised users had access to SIPRNET, and could download material to removable storage devices like memory sticks or DVDs, means there's huge potential for a breach - especially when the data written to the removable storage isn't encrypted," he added.

"Having policies alone on data security issues simply isn't enough. These have to be backed up by technology that applies security automatically, so that users cannot tamper with or work around it. Otherwise leaks are simply inevitable."

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.