WikiLeaks

TechSpot: Wikileaks found itself the victim of a cyberattack on Tuesday, shortly after the release of thousands of US State Department communications. News broke of the attack on their Twitter page, which offered another link to the communications, and a message stating “WikiLeaks.org is presently under attack.” It is likely that they were hit with a Distributed Denial of Service (DDoS) attack, the most commonly used method by hackers to cause disruption to websites. It works by flooding the servers with traffic, overloading them, and subsequently causing the servers to crash, or become otherwise unreachable. ...

Washington Post: The CIA has launched a task force to assess the impact of the exposure of thousands of U.S. diplomatic cables and military files by WikiLeaks. Officially, the panel is called the WikiLeaks Task Force. But at CIA headquarters, it’s mainly known by its all-too-apt acronym: W.T.F. The irreverence is perhaps understandable for an agency that has been relatively unscathed by WikiLeaks. Only a handful of CIA files have surfaced on the WikiLeaks Web site, and records from other agencies posted online reveal remarkably little about CIA employees or operations. ...

Just a day after Dutch police arrested a 16-year-old boy in connection with WikiLeaks-related denial-of-service attacks, websites belonging to the Netherlands computer crime cops and prosecutors have been struck with a similar assault. Dennis Janus, a spokesman for the National Police Service confirmed that both the police website, and that of the National Prosector’s Office had been offline for much of the day, with many theorizing that the likely reason is a distributed denial-of-service (DDoS) attack similar to that which was launched against MasterCard, PayPal and other firms. ...

Symantec Connect: WikiLeaks.org is in the news after their recent publications linked to leaked government documents. Spammers are now leveraging the current level of interest with social engineering techniques to infect users’ computers. Symantec is observing a wave of spam spoofing WikiLeaks to lure users into becoming infected with a new threat. The spam email has subject line “IRAN Nuclear BOMB!” and spoofed headers. The “From” header purports to originate from WikiLeaks.org, although this is not in fact the case, and the message body contains a URL. This URL downloads and runs WikiLeaks.jar which has a downloader ‘WikiLeaks.class’ file. The downloader pulls the threat from http://ugo.file[removed].com/226.exe. Symantec detects this threat as W32.Spyrat. ...

Wired: SAO PAULO — Despite widespread speculation at the time, a massive power outage that left 18 out of the 26 Brazilian states in the dark for up to six hours last year was not the result of a cyber attack, according to a classified diplomatic cable published by WikiLeaks last week. The Nov. 10, 2009, blackout came just two days after the CBS News magazine 60 Minutes reported that an earlier outage in the Brazilian state of Espirito Santo in 2007 was the work of hackers. And it came just one day after Threat Level reported that, no, it wasn’t. ...

The Register: Windows source code tapped, say WikiLeaked docs The Chinese government may have used its access to Microsoft source code to develop attacks that exploited weaknesses in the Windows operating system, according to a US diplomatic memo recently published by WikiLeaks. The June 29, 2009 diplomatic cable claims that a Chinese security firm with close ties to the People’s Republic of China, got access to the Windows source under a 2003 agreement designed to help companies improve the security of the Microsoft operating system. Topsec allegedly worked with a government organization known as CNITSEC, short for the China Information Technology Security Center, which actively worked with “private sector” hackers to develop exploits. ...

Switzerland has taken new action against WikiLeaks by shutting down founder Julian Assange’s bank account. PostFinance — which is owned by the Swiss Post, itself a public company owned by the Swiss Confederation — said in a statement earlier today that it has closed Julian Assange’s account for failing to provide proof of Swiss citizenship. Here is PostFinance’s statement on its decision: ...

WikiLeaks is currently not available at WikiLeaks.org. It recently lost its DNS service provider, and the site itself has been battered by DDoS attacks for more than a week now – ever since it first started releasing secret embassy cables. However, when highly coveted information once spreads on the web, there’s no stopping it. Case in point: WikiLeaks currently has several hundred mirrors, and although some of these mirrors are incomplete, slow or perhaps even completely unavailable, it’s highly unlikely that any effort will be able to exterminate them all. ...

At first glance, two recent security stories, the Stuxnet attack on Iran’s nuclear industry and the WikiLeaks breach of US State Department communications, don’t seem to have much in common, but they do. They are united by a vector, a method of transmission and that vector is removable media. I am sure that the Iranians felt pretty secure with air-gapped systems, but like a spark from the burning house next door that finds its way into your shingles, the right USB found its way into the right PC and then suddenly all those uranium enrichment centrifuges running at 807-1210 hz started to act funny and fail in unexpected and reportedly fairly energetic ways (you can see some pics of failed centrifuges here http://web.mit.edu/charliew/www/centrifuge.html and here http://www.chem.purdue.edu/chemsafety/NewsAndStories/CentrifugeDamages.htm). ...

A security man stands next to an anti-aircraft gun as he scans Iran’s nuclear enrichment facility in Natanz, 300 kilometers [186 miles] south of Tehran, Iran, in April 2007. Wired: In what appears to be the first confirmation that the Stuxnet malware hit Iran’s Natanz nuclear facility, Iranian President Mahmoud Ahmadinejad said Monday that malicious computer code launched by “enemies” of the state had sabotaged centrifuges used in Iran’s nuclear-enrichment program. ...