Businesses wanting to distance themselves from Wikileaks should boost their IT security to help defend against activist hacker attacks, say security experts.
"Hacktivists" have targeted a string of organisations in recent days as they have sought to sever ties with whistle-blowing site Wikileaks and its founder Julian Assange.
MasterCard is the latest target of hacktivist revenge attacks after withdrawing services from Wikileaks in the face of US pressure after the publication of thousands of leaked diplomatic cables.
The Anonymous Hacker Group has aimed distributed denial of service (DDoS) attacks at the websites of the Swedish prosecutor's office that is pursuing Assange, as well as PayPal and Swiss Bank Post Finance, after the two companies froze assets belonging to Assange.
WikiLeaks has a strong following among hackers and it was inevitable that there was going to be some form of backlash, said Alan Bentley, senior vice-president international of global security firm Lumension.
"The Wikileaks saga is undoubtedly set to continue for some time and all organisations involved will want to beef up their security efforts in a bid to protect themselves from the wrath of the hacktivist community," he said.
These attacks are very focused, with the goal of crippling or disrupting a service to protest their cause and cause humiliation, said Noa Bar Yosef, senior security strategist at security firm Imperva.
In most cases, hackers rent or create a botnet made up of computers that belong to individuals who have downloaded the bot malware unwittingly, he said, but in this case, the hacktivists are recruiting people from within their own network.
"There is no victimised machine, as the participants knowingly engage in what they call an act of defiance," he said.
Claire Sellick, event director for InfoSecurity Europe, said it was important for any organisation with a web-facing presence, even if it was a simple shop window, to understand that, with the right security in place, it was possible to prepare for a DDoS attack.
While a full-on attack is difficult to mitigate, she said, technologies such as hosting and route diversification can go a long way towards setting the barrier for an effective DDoS attack a lot higher than it may have been previously.
As Wikileaks itself has shown, said Sellick, a website can be hosted on multiple sets of servers, which can also be peered on different internet peering exchanges.
"The Wikileaks DDoS attacks are not going to go away. If anything, we expect they will intensify in the days ahead and companies need to take this opportunity to review and boost their IT/IP security arrangements to protect themselves," she said.