The websites of financial and technological companies that cut off services to whistleblowing website WikiLeaks have come under attack by supporters of transparency and openness across the world, in a coordinated campaign codenamed 'Operation Payback'. The companies, which include Amazon, PayPal, MasterCard, Visa and PostFinance, seem to have taken the arguably unlawful measures under pressure from the US government. The loose group of hactivists behind the attacks, known as Anonymous, had vowed to continue their 'digital sit-in' demanding total freedom of the Internet.
The state-corporate war on WikiLeaks follows legal and illegal attempts to take its website down, which were countered by supporters setting up numerous mirrors of the site; cyber attacks by what appears to be US government-sponsored hackers; and the politically motivated arrest of WikiLeaks founder, Julian Assange, in London over alleged sex charges he faces in Sweden.
State-corporate alliance against WikiLeaks
Soon after - and even before - WikiLeaks started the release of 250,000 US diplomatic cables on 28th November, the whistleblowing site and its founder, Julian Assange, came under pressure on all fronts by a government-corporate alliance that tried every trick in the book to suppress the leaking of the embarrassing documents and punish those responsible.
As the hacking and media attacks proved futile - thanks to hundreds of mirrors that mushroomed all over the web and the synchronised publication of the cables by many mainstream media outlets - the US and other governments called upon their traditional allies, multinational companies providing financial and technological services, to cut off all links with WikiLeaks in an attempt to strangle it.
On 1st December, US senator Joe Lieberman, chairman of the Senate's committee on homeland security, said: "I call on any other company or organization that is hosting Wikileaks to immediately terminate its relationship with them. Wikileaks' illegal, outrageous, and reckless acts have compromised our national security and put lives at risk around the world. No responsible company - whether American or foreign - should assist Wikileaks in its efforts to disseminate these stolen materials." The French minister of industry, Eric Besson, similarly warned that there would be "consequences for any companies or organisations helping to keep WikiLeaks online in the country."
Speaking before he was remanded in custody, Assange said the corporate actions against WikiLeaks amounted to the "privatisation of state censorship." "These attacks will not stop our mission, but should be setting off alarm bells about the rule of law in the US," he added. Assange was initially refused bail, despite massive sureties put forward, but has since been released on bail.
The first company to distance itself from Wikileaks was Tableau Software, which provided it with free software for data visualisation, by removing visuals published by WikiLeaks to Tableau Public based on the diplomatic cables. The company has admitted the reason was pressure from Senator Lieberman.
On the same day, online retailer Amazon removed Wikileaks' content from its EC2 cloud service. WikiLeaks had had to move its site from its servers in Sweden to Amazon servers in the US (was there no better alternative?). After being shut out by Amazon, WikiLeaks found a refuge for part of its content at OVH, a small web hosting company based in northern Franc. French industry minister Eric Besson has vowed, however, to find ways to ban hosting of the site. Many countries, including Thailand and China, had blocked access to cablegate.wikileaks.org. On 5th September, the OVH server hosting the diplomatic cables went offline, so Swedish company Pirate Party took over the hosting.
Amazon soon came under a coordinated Distributed Denial of Service (DDoS) attacks, which involve flooding a website with a large number of hits so it stops working. The company admitted "there were indeed large-scale DDOS attacks" but claimed they were "successfully defended against."
Amazon insists its action was not due to political pressure or the DDoS attacks on its website, but because WikiLeak did not "own or otherwise control all the rights to this classified content" and that the leaked documents could be "putting innocent people in jeopardy." (Who's that, diplomats?) Ironically, Amazon has been selling a Kindle version of the Wikileaks diplomatic cables.
The next day, American domain name provider EveryDNS dropped WikiLeaks from its entries, saying the hacking attacks against WikiLeaks would "threaten the stability of the EveryDNS.net infrastructure." This, it claimed, was against its Acceptable Use Policy. (Really? Is porn more acceptable use, then?).
DNS (Domain Name System) is the protocol used to translate friendly names on the Internet (wikileaks.org) to their numeric IP addresses (http://188.8.131.52). This means that Wikileaks still continued to own the domain 'wikileaks.org' but it was no longer accessible through that name on the Internet. So Wikileaks shifted to a backup domain (wikileaks.ch) registered in Switzerland but hosted in Sweden, though the cables were partly hosted by OVH. The Swiss registrar for wikileaks.ch has declined pressure from US and French authorities to remove the site or block access to it.
On 4th September, e-commerce provider PayPal, which is owned by US auction site eBay, announced it had "permanently restricted" the account used by WikiLeaks to collect donations due to a "violation of the PayPal Acceptable Use Policy." PayPal later admitted it had been "advised" by the US State Department that WikiLeaks' activities were "illegal." The State Department letter had, in fact, said that the leaking rather than the publication of the documents was illegal. "As long as Wikileaks holds such material, the violation of the law is ongoing," it added.
Thus, PayPal was declared as the next target of Operation Payback, with DDoS attacks reported more than once.
MasterCard and Visa
On 5th December, credit card company MasterCard pulled the plug on WikiLeaks, restricting the ability to make payments to its bank account using the company's credit cards. A MasterCard spokesman said the company suspended dealings with WikiLeaks because "MasterCard rules prohibit customers from directly or indirectly engaging in or facilitating any action that is illegal." There has, of course, been no court ruling that WikiLeaks activities are illegal, only politically charged statements by US government officials.
The Anonymous hactivists retaliated by launching a DDoS attack on MasterCard's website, causing it to crash. MasterCard initially claimed the attack was no more than "heavy traffic on its external corporate website," but was later forced to admit it had experienced "a service disruption to the MasterCard directory server," which banking experts said meant disruption throughout its global business.
Visa Europe followed suite the following day and suspended payments to WikiLeaks for an initial period of one week. Its website too was inaccessible for a while.
WikiLeaks' payment processor, DataCell, has said it was preparing to take legal action against the credit card companies over their refusal to process donations. CEO Andreas Fink said in a statement: "If large companies such as Visa or Mastercard, who hold the duopoly of the credit card transactions world wide, think they have to put priority on political influence over the law, they have to be ready to take damage claims in the billions of Euros and they have to be ready to lose a big chunk of their business. This might be very well the end of the credit card business worldwide."
Interestingly, one of the cables leaked by WikiLeaks, dated 1 February 2010, disclosed that the Obama administration had lobbied senior Russian government officials on behalf of the credit card firms against a plan by a consortium of state-owned banks to collect processing fees estimated at £2.5bn a year. It is also worth mentioning that both credit card companies allow payments to many illegal groups, such as splinters of far-right organisations Ku Klux Klan (see here).
On 6th December, PostFinance, the financial arm of the Swiss postal service, closed the account of Julian Assange, which contained his £26,000 legal defence fund. The excuse given by the bank was that Assange had provided "false information regarding his place of residence when opening the account." Assange had apparently told PostFinance he lived in Geneva but could not provide a proof that he was a Swiss resident. However, the Swiss Federal Court ruled on 22 July, 2010, that PostFinance was obliged to offer all interested parties an account for payment transactions and to continue any existing accounts as part of its basic service mandate (obligation to contract). Termination of an account relationship (or refusal to enter into such a relationship) is, therefore, only possible for "compelling reasons." PostFinance claims that this gives it "the option of terminating business relationships which run contrary to public and moral opinion."
DDoS attacks were mounted against the bank's website, forcing it to shut down for a whole day.
Twitter and Facebook
Social networking websites, such as Twitter and Facebook, have been buzzing with messages about WikiLeaks and calls for cyber attacks against the corporate censors. On 8th December, Facebook closed down the page of 'Anonymous'. Not long after that, Twitter suspended the account of 'Anon_Operation' after it apparently tweeted a link to hacked MasterCard numbers. The account had around 22,000 followers at the time. A new account, 'Anon_Operationn', soon reappeared offering links to the Internet Relay Chat rooms, where members of Anonymous have apparently been organising. Bloggers initially warned Twitter that it "will be next for censoring #Wikileaks discussion," but in a further post on #Anonops said: "We are not hacking Twitter... DON'T WORRY!... All we are saying that they closed our official account and that is not FREE SPEECH!" Twitter is also accused of preventing the term 'WikiLeaks' from appearing on the microblogging site's 'popular trending' topics.
The Swedish lawyers
Hactivists have also struck against the website of the Swedish lawyer representing the two Swedish women who are accusing Assange of having non-consensual and unprotected sex with them, charges that he denies. Claes Borgström reported the hacking to police, saying the allegations were not a politically motivated plot against Assange. "It has nothing to do with WikiLeaks or the CIA," he added.
The charges against Assange were dropped last August within 24 hours by the chief prosecutor, who found there was "no reason to suspect that he had committed rape." Assange's identity was unlawfully disclosed to right-wing media by the Swedish authorities and the 'rape' story was carried around the world. The decision to withdraw the charges against Assange was overturned after the intervention of Borgström, who is now representing the two women. Borgström is a Social Democratic politician and had worked the Swedish government for several years, between 2000 and 2007.
Other websites that have been targeted by Operation Payback so far include:
- The Swedish Prosecution Authority's website, which was taken offline for almost 11 hours on 14th September, moments after it announced its intention to fight a London court decision to grant Assange bail. The Swedish government's official website had also been targeted.
- The website of American right-wing politician Sarah Palin, who called Assange "an anti-American operative with blood on his hands." Hackers have also reportedly hacked into her personal email account and posted screen shots of her emails on WikiLeaks. However, observers have warned that such stories might be exaggerated in order to paint Anonymous as a "bunch of cyber criminals."
- The blog of Panda Labs, a computer security company that has been involved with investigations and analysis of the Anonymous attacks. Other security firms that have been scaremongering about Anonymous and linking it to cyber crime include Sophos and Spamhaus (see here).
- There are conflicting reports that Anonymous hactivists are preparing DDoS attacks against the UK government if Assange is extradited to Sweden, and there have been calls to attacks on Dutch websites after a 16-year-old suspected of involvement in the previous attacks was arrested. Two other 'hackers' have also been arrested as authorities crack down on Anonymous.
Cyber war or virtual sit-in?
In a blog linked to its Twitter account, Anonymous wrote at the beginning of Operation Payback:
"Hello World. We are Anonymous. What you do or do not know about us is irrelevant. We have decided to write to you, the media, and all citizens of the free world at large to inform you of the message, our intentions, potential targets, and our ongoing peaceful campaign for freedom.
"The internet is the last bastion of freedom in this evolving technical world. The internet is capable of connecting us all.
"When we are connected we are strong. When we are strong we have power. When we have power we are able to do the impossible. This is why the government is moving on WikiLeaks. This is what they fear. They fear our power when we unite. Do not forget this.
"Anonymous is doing what many successful campaigns have done in the past; a sit-in. It may be hard to comprehend, but a digital sit-in is our most effective method to show that all of us deserve freedom of speech and a free internet.
"Our methods may appear, on the outside, to be cruel to those the entities that we are campaigning against, but remember [that] by supporting censorship they are denying everyone a basic human right."
More recently, media reports have claimed that there is growing disagreement between members of Anonymous, so to speak, as to "where to go from here." A message posted on the 4chan image board suggested dropping the DDoS attacks in favour of publicising information in the diplomatic cables that Wikileaks is releasing. "Searching for the less-well publicised cables and spreading the information they contain around the web could be more effective than simply knocking out sites deemed to be enemies of Wikileaks," it said.
It should be noted that protests in support of WikiLeaks and its founder have not all been virtual. Supporters gathered outside Westminster Magistrates Court in London for Assange's bail hearing on 7th December, and again on the 14th. Protests have also been held at the Swedish and Australian embassies (see here). In Australia, mass demonstrations and rallies have taken place in Sydney, Melbourne, Perth and other cities across the country (see here).
A long-term anti-corporate campaigner, who also prefers to keep anonymous, maintains that successful anti-corporate campaigns must use a diversity of tactics. "It's all very well to take down a company's website, but that's more like a stunt than a serious disruption of its business. If these people are serious about making these companies pay back, they should start thinking about boycott campaigns, direct action, mass protests and so on."
The Anonymous web protests over WikiLeaks are the internet equivalent of a mass demonstration. It's a mistake to call them hacking (playful cleverness) or cracking (security breaking). The LOIC program that is being used by the group is prepackaged so no cleverness is needed to run it, and it does not break any computer's security. The protesters have not tried to take control of Amazon's website, or extract any data from MasterCard. They enter through the site's front door, and it just can't cope with the volume.
Calling these protests DDoS, or distributed denial of service, attacks is misleading, too. A DDoS attack is done with thousands of "zombie" computers. Typically, somebody breaks the security of those computers (often with a virus) and takes remote control of them, then rigs them up as a "botnet" to do in unison whatever he directs (in this case, to overload a server). The Anonymous protesters' computers are not zombies; presumably they are being individually operated.
No – the proper comparison is with the crowds that descended last week on Topshop stores. They didn't break into the stores or take any goods from them, but they sure caused a nuisance for the owner, Philip Green. I wouldn't like it one bit if my store (supposing I had one) were the target of a large protest. Amazon and MasterCard don't like it either, and their clients were probably annoyed. Those who hoped to buy at Topshop on the day of the protest may have been annoyed too.
The internet cannot function if websites are frequently blocked by crowds, just as a city cannot function if its streets are constantly full by protesters. But before you advocate a crackdown on internet protests, consider what they are protesting: on the internet, users have no rights. As the WikiLeaks case has demonstrated, what we do online, we do on sufferance.
In the physical world, we have the right to print and sell books. Anyone trying to stop us would need to go to court. That right is weak in the UK (consider superinjunctions), but at least it exists. However, to set up a website we need the co-operation of a domain name company, an ISP, and often a hosting company, any of which can be pressured to cut us off. In the US, no law explicitly establishes this precarity. Rather, it is embodied in contracts that we have allowed those companies to establish as normal. It is as if we all lived in rented rooms and landlords could evict anyone at a moment's notice.
Reading, too, is done on sufferance. In the physical world, you can buy a book with cash, and you own it. You are free to give, lend or sell it to someone else. You are also free to keep it. However, in the virtual world, e-readers have digital handcuffs to stop you from giving, lending or selling a book, as well as licences forbidding that. Last year, Amazon used a back door in its e-reader to remotely delete thousands of copies of 1984, by George Orwell. The Ministry of Truth has been privatised.
In the physical world, we have the right to pay money and to receive money – even anonymously. On the internet, we can receive money only with the approval of organisations such as PayPal and MasterCard, and the "security state" tracks payments moment by moment. Punishment-on-accusation laws such as the Digital Economy Act extend this pattern of precarity to internet connectivity. What you do on your own computer is also controlled by others, with non-free software. Microsoft and Apple systems implement digital handcuffs – features specifically designed to restrict users. Continued use of a program or feature is precarious too: Apple put a back door in the iPhone to remotely delete installed applications and another in Windows enabled Microsoft to install software changes without asking permission.
I started the free software movement to replace user-controlling non-free software with freedom-respecting free software. With free software, we can at least control what software does in our own computers.
The US state today is a nexus of power for corporate interests. Since it must pretend to serve the people, it fears the truth may leak. Hence its parallel campaigns against WikiLeaks: to crush it through the precarity of the internet and to formally limit freedom of the press.
States seek to imprison the Anonymous protesters rather than official torturers and murderers. The day when our governments prosecute war criminals and tell us the truth, internet crowd control may be our most pressing remaining problem. I will rejoice if I see that day.
• Copyright 2010 Richard Stallman – released under the Creative Commons Attribution Noderivs Licence