Are businesses at risk of WikiLeaks attacks?

Denial of service attacks against WikiLeaks, as well as companies that refuse to do business with it, have raised the stakes for cyber-crime.

Security warning
By
published
in News

ANALYSIS:The blurred -out image of the young hacker on the BBC News might not strike fear into business leaders. But perhaps it should.

The hacker, who identified himself as "Coldblood", claimed to be a member of the Anonymous group behind distributed denial of service (DDoS) attacks on Mastercard, Visa, Amazon.com and PayPal. The companies were targeted, Coldblood told the BBC, because they had "bowed to Government pressure" to withdraw services from WikiLeaks. WikiLeaks itself was hit by several DDoS attacks after it released US diplomatic cables to the press.

Fears are growing that the type of attacks aimed both at WikiLeaks, and its former business partners, are creating an environment that is increasingly dangerous for any organisation doing business online.

Although security experts point out that mounting the type of attacks that took place against Visa and Mastercard is illegal in the UK, under the provisions of the 2006 Police and Justice Act, prosecuting individuals behind cyber attacks is fraught with difficulty. It remains all too easy for hackers to base themselves, or their botnets, in countries where the law is more lax.

Security professionals worry too that, now groups such as Anonymous have demonstrated both the ease and the power of cyber attacks, others will follow their lead. Governments are already concerned about military-style cyber attacks on countries, such as those that affected Baltic states and Georgia; both NATO and the UK government, in its recent defence and security review have made cybercrime and cyber warfare defence a higher priority.

"At the highest level, it is not a question of focusing on WikiLeaks. This comes down to what people are doing, not their motivation," says Professor John Walker, a member of the Security Advisory Group at ISACA and CTO of Secure-Bastion. "We need to think about the next reason for using it [DDoS attacks]. It is a threat that faces every organisation that faces the Internet."

Businesses are also concerned that they might, through no fault of their own, become caught up in cyber attacks driven by political economic or other motives beyond their control. Online businesses in particular will have thousands of customers, and little way of knowing if a customer might be caught up in the type of controversy that has affected WikiLeaks in the future.

Stephen Pritchard
Latest
You might also like
View More ▸