Skip to: Content
Skip to: Site Navigation
Skip to: Search


The New Economy

WikiLeaks cyberattacks now involve Visa, Facebook, Twitter, MasterCard

Visa website taken down, MasterCard website barely up, Operation Payback's Facebook and Twitter pages down. Who will be the next casualty in the WikiLeaks cyberwars?

(Page 2 of 2)



Anonymous's offensive division, known as Operation Payback, controlled a digital "cannon" that could blast websites of their choosing through distributed denial-of-service (DDoS) attacks. Operation Payback had previously targeted groups that tried to prevent the illegal download of movies, music, and games, as well as the Church of Scientology (no relation to The First Church of Christ, Scientist, that publishes The Christian Science Monitor) and KISS performer Gene Simmons.

Skip to next paragraph

Recent posts

Last week, Operation Payback launched DDoS hits against the website of Assange's Swiss bank, which briefly shut down, and then moved on. On Dec. 8, Operation Payback focused its attention on MasterCard. It flooded MasterCard.com throughout the day, knocking it out of commission from 5:30am Eastern Time till about 4 p.m., at which point the website flickered in and out of service, as it continued to do for hours.

Why did MasterCard recover?

In part, perhaps, because Operation Payback had re-aimed its cannon: Visa's website went down just as MasterCard's began to mend. Three hours before, at 1:15pm, Visa spokesman Ted Carr had announced, "Our website is operating normally," which another spokesman reiterated at 2:30pm.

About the same time that Visa came under attack, third parties Facebook and Twitter stepped into the fray. Operation Payback had used its Facebook page (link now broken) and Twitter feed (link now broken) to direct attacks and provide links to instructions on how to participate. Facebook sent Operation Payback a message:

Your Page "Operation Payback" has been removed for violating our Terms of Use. ... Pages that are hateful, threatening, or obscene are not allowed. We also take down Pages that attack an individual or group... If your page was removed for any of the above reasons, it will not be reinstated.

The loss of its Facebook page didn't seem to slow down Operation Payback; its Twitter feed continued to direct and celebrate their efforts, until it, too, went dark about 6 p.m., by which point Visa.com and MasterCard.com were recovering. Having lost these social network connections, Operation Payback is still able to reach out to supporters via IRC and 4chan, hacker-friendly Internet forums.

How does a DDoS attack work?

Individual computers join together to form a collective unit that tries to access the same website thousands of times per second. Most website servers aren't designed to take that many requests at once, and they collapse under the pressure.

In many DDoS incidents, computers are directed against their target without the knowledge or consent of their owners. Operation Payback appears to be volunteer-driven, calling upon interested people to download its program and point it at a chosen target.

Like a firehose pouring into a kitchen sink, a high volume flow can overwhelm a system quickly, causing a server to crash – or a kitchen to become flooded. But in both cases, the problem only lasts as long as the flow continues. Once the firehose turns away, or once Operation Payback targets a new system, the accumulated attempts can wash through – down the drain – and leave little permanent damage.

Permissions

Read Comments

View reader comments | Comment on this story