Online Insurgency Takes Out Visa

Visa and Mastercard might be competitors but they share at least two things in common – they both decided to cut off donations to Wikileaks through their services, and both of their websites have been knocked off the net in retaliation.The group responsible is the self-named group Anonymous which has marshalled Wikileaks supporters into supporting a denial of service attack on the U.S.-based credit card companies. Visa.com stopped responding early in the afternoon Wednesday Pacific time, while Mastercard.com fell at least eight hours earlier and remains unresponsive.Neither company’s backend credit processing systems are affected, though purchases that require a secondary web confirmation (e.g. Verified by Visa and Mastercard SecureCode) are reportedly not working, since they require online verification. ]

Visa sought to assure the public that everything was fine.“Visa’s processing network, which handles cardholder transactions, is functioning normally and cardholders can continue to use their cards as they routinely would. Account data is not at risk,” the company said in a e-mailed statement.Visa, however, dodged the question of why they blocked Wikileaks and seemed to be trying to pass off the takedown as if no attack were underway.“Separately, Visa’s corporate website – Visa.com – is currently experiencing heavier than normal traffic. The company is taking steps to restore the site to full operations within the next few hours.”

The two companies, as well as PayPal, decided to cease allowing card holders to donate to Wikileaks, saying the site’s publication of secret U.S. diplomatic cables violated their Terms of Service. While theNew York Times and other papers have been republishing a number of the cables, the card services have not stopped allowing people to subscribe to those publications using their cards.3Crowd CEO Barrett Lyon, who was one of the early pioneers in fighting DDoS attacks from 2000 to 2006, calls the attacks historic in how well-organized the attackers are (the organizing site includes an FAQ, a propaganda operation and a radio station). It’s also remarkable, he adds, how the attackers have turned what’s largely been used as a tool for online crime into a tool being used to fight for the internet as a place for free information.

“Their IRCs (chat rooms) have more than 5,000 people, many of them from around the world,” Lyon said. “Prosecuting all these folks is not going to be possible.”“It’s also interesting to think that Visa and MasterCard can be brutalized a loosely org group of people with a pice of software,” Lyon said, especially given the attack tool being used isn’t very sophisticated. “It is mediocre, at best. There is a lot they doing wrong, and yet they are still succeeding.”Anonymous’s “Operation Payback” already attacked (and took down for several hours) a Swiss bank that froze an account belonging to WikiLeaks founder Julian Assange. Anonymous is also aiming at PayPal.com, an attack which could, if successful, block financial transactions, but so far that site remains up.

Adding to the insult, Anonymous also posted publicly on Wednesday afternoon what looks to be more 10,000 credit card numbers along with expiration dates, though early analysis indicates the numbers are fake..Wikileak’s credit card processor Datacell is planning to sue over the shutdown, according to Wikileaks’ Twitter feed.Mastercard, Visa and PayPal have all cut off WikiLeaks in the past week, citing violations of their “terms of service” agreements, but no such action has been taken against The New York Times and other publications that are reprinting and reporting on the cables.

The U.S. State Department has called the ongoing publication of the 250,000 diplomatic cables “illegal,” but no charges have been filed against the site. Publishing government documents, even classified ones, is not explicitly illegal in the United States as it is in England.An Anonymous member/sympathizer wrote to Wired.com to announce the attacks, passing along this statement from the chat channel being used to organize the attack:We are the clear logic used to unveil wrongdoing. The general public, clouded by misleading information mostly by the media with a political agenda, fails to see and understand this wrongdoing. Because of this, those who do the wrongdoing escape unpunished. Anonymous is here to ensure punishment does not go unserved to those who deserve it.

WikiLeaks itself has suffered from denial of service attacks since last Sunday, including one from a “patriotic” hacker. That’s when the site began publishing cables provided to the site by Pfc. Bradley Manning (according to chat logs seen by Wired.com), who had access to them as part of his work as an intelligence analyst in Iraq. Manning is in jail in Quantico, awaiting trial.

Assange is also now in custody in London related to sex-crimes charges in Sweden, which has the organization scrambling to operate. Assange is likely to fight extradition.Anonymous, which has its roots in the uncensored crook of the 4chan message boards, has a history of such attacks, including a recent campaign against the record industry for attacking file sharing sites, mass infiltrating an online game for kids to protest its stupidity and a long-running, earlier campaign against the Church of Scientology.

The Scientology attacks were investigated by the FBI and at least one Anonymous member was jailed for his part in clogging Scientology’s websites.Few who are part of Anonymous are actual “hackers,” and instead join in the attacks by running specialized software provided by more technically adept members. Instruction for what sites to target and when are passed around dedicated online chat channels and websites, creating a sort of online insurgency.

However the software does not mask a user’s IP address, and has generated complaints from its users that it sucks up all their available bandwidth when its in attack mode.

Advertisements