Sophos Cloud Optix
According to an announcement by the Dutch Public Prosecution Service, a 16-year-old boy has been arrested in connection with the distributed denial-of-service attacks that have been launched against a number of websites this week, including MasterCard and PayPal.
The attacks, which have made the headlines in the last couple of days, have seemingly been in support of the controversial WikiLeaks whistle-blowing site and its high profile founder Julian Assange.
Details are very sketchy, but it is reported that the unnamed youth is in police custody and is being interrogated by detectives from the Dutch National High-Tech Crime Team. He is said to have confessed to the attacks, and is due to appear in court in Rotterdam on Friday.
Computers have also been seized, and it appears that the authorities are not ruling out further arrests. Last night, Dutch broadcasters reported that the police visited the offices of LeaseWeb and EvoSwitch – two firms, believed to be providing internet services to the Anonymous group who have co-ordinated the attacks.
Of course, it is highly unlikely that the attacks are coming from just one part of the world.
As I said just earlier today, denial-of-service attacks are illegal – and you would be very foolish to participate in them, as the penalties can include lengthy jail sentences.
you would be very foolish to stand by when the governments steal people's freedom 🙂
Uninformed, angsty teenage idiocy. WikiLeaks is the subject of an active State Department investigation. Whether you agree or disagree with that, payment companies have an objective legal obligation to stop giving money to them. It's standard procedure. They're private companies, you don't have a right to either the service or the "money". There's no rights being violated there, nothing being censored, not by any stretch of the definition or your imagination.
If you want to do something productive, target people who've actively opposed WikiLeaks and pushed for censorship in the first place. Amazon, Palin, Lieberman, the State Department, the Swedish prosecution… these are all much more relevant.
You do not have the right. But you have a duty to freedom and to free speech to show the people out there, that you are not going to be gagged. And if it is through DDoSing websites, to show, that you will NOT tolerate some gag orders from the government, its ok.
Either you're on the side of wikileaks, or on the governments. If you are on the gov side, don't cry if you're attacked.
Also, "Uninformed, angsty teenage idiocy" was almost everytime in history the way a revolution started. They were not started by some smart people like you, who think they'll be cool if they stay out of everything. This is a cyber war. Casualties will be on both sides as collateral damage will be. But we will not shut up. And we will not have our rights taken away.
If you're going to pat yourself on the back for thinking you're taking a stand, just don't try to say "oh, well, it's okay for me to be breaking the law because I think I have a reason to". If you're personally okay with doing it, then more power to you. But don't try to excuse it.
But no, it's not as simple as "you're on the side of wikileaks, or on the governments". It never is, unless you're talking about Saturday morning cartoons. Leave the black and white morality at the door. There are plenty of us who support WikiLeaks and Assange, but don't agree with some or all of these disorganized, misdirected attacks.
you are such a sheep i just want to shear you bold, you silly little man
You're missing the point of the attacks.
It's all for publicity, and it has worked very well.
“And if it is through DDoSing websites, to show, that you will NOT tolerate some gag orders from the government, its ok. ”
No, it’s not “ok”. It’s still illegal. If you’re willing to break the law to fight for something to believe in, and you think that’s justified, then that’s all you. But you shouldn’t delude yourself into thinking that it somehow makes it less of a crime.
“Either you’re on the side of wikileaks, or on the governments. If you are on the gov side, don’t cry if you’re attacked. ”
This is silly. A lot of people of people who support Wikileaks don’t support DDoSing websites in retaliation. There aren’t divides like that in real life, “you’re with us or you’re the enemy” is a childish way to look at the world.
“Also, ‘Uninformed, angsty teenage idiocy’ was almost everytime in history the way a revolution started.”
No, not really. “Revolutions” don’t start with people who don’t know what’s going on. You need to be objective and check your facts. Jumping straight to misdirected, disorganized attacks against companies who, for the most part, are guilty of nothing more than staying neutral and not acting in line with your own personal politics is not some kind of revolution for freedom. You’re not losing any rights.
"No, it's not "ok". It's still illegal. If you're willing to break the law to fight for something to believe in, and you think that's justified, then that's all you. But you shouldn't delude yourself into thinking that it somehow makes it less of a crime."
Tell that to Martin Luther King Jr, Rosa Parks or anyone else in the civil rights movement you spineless coward.
… You missed the point entirely. It doesn't matter if you're justified or not, it doesn't matter if it's for a good reason or not, it's still illegal and you shouldn't kid yourself it isn't. Just because you think it's the right thing to do doesn't change that. Nice strawman, though.
Do you think one of you could call yourself "Anonymous #1" and the other one "Anonymous #2"? Would make this so much easier to follow… 🙂
hello, that example is IRRELEVANT! first off when did mr king break the law? Rosa Parks sort of did but thats kind of debatable. in any case please realize that these companies are obligated to stop allowing those people to use their services under law. not everything is a government conspiracy.
Agreed. What this boy did was merely an act of flooding the site with requests, causing it to slow and eventually shut down. He is one of thousands around the world helping to protest via the internet. Even now, there is a JS LOIC page where all people have to do is press a button to be a part of the DDOS attacks. They want to give people the power to protest via the internet.
Unfortunately this young boy's love for freedom and the truth has landed him in trouble. I take my hat off to this lad who stands up for his rights and the right for the public to know what their government is doing.
Foolish to participate my ass, most countries pretty much never had anyone convicted for it.
When you're targeting something as big as MasterCard, that's a different story.
Is it illegal to reload a website 20.000 times a second? Don't think so.
This goes for both you and @VNimara_Consort.
Don't be pedantic. It's pathetic to see people try and excuse DDoS attacks by trying to understate them. You're not fooling anybody who actually knows what kind of effect that amount of traffic can have en masse, and it's disappointing to see people claiming that they're standing up for something while trying to deny that it is what it is and that it is illegal.
In the Netherlands it's illegal since 2006 yes.
they can take time to arrest people for fighting for there freedom but mean while the goverments around the world are murdering innocent civilens and nothing is do about that. they just lie about it and try to cover it up. The people are speaking out its time the goverments step up and take responsibility for all the wrongs they have done. Thank you anonomous for giveing us hope that all the lies will not be hidden for ever.
We are One,
We are everywhere,
We are taking a stand.
ironic that the person posting under anonymous is posting against anonymous. just saying.
>implying you don't understand what "anonymous" means.
It's great to see16 years old boys fighting for free speech, that makes me belief there is some hope again.
Do you understand what DDOS entails? It means hijacking of thousand of innocent people's computers via malware or virus to add it to a Botnet which can then be used for many things besides DDOS. Spam comes to mind. Don't get "holier than thou" protesting for the "right of free speech" when you first hijack other people's computers without their consent. That's a pretty basic right, too.
The recent attacks have, notably, not been based on zombie networks. While most DDOS attacks are conducted by hijacking computers, this attack was voluntary. Participants directed their own computers to connect to the targets and spam them. While this has nothing to do with whether or not the attacks were appropriate, which I shall not comment on, they were (oddly enough) voluntary.
While it is true, as you said, that many of the attacks are coming from 3,000 PC's voluntarily using LOIC, a 30K botnet is also involved.
http://www.pcworld.com/article/213045/group_used_…
Actually Thomas, DDoS doesn’t mean hijacking thousands of people’s computers through the use of Malware. In fact, DDoS simply means a denial of service on a distributed scale; ie: not from one target.
Not to mention that the Anonymous group are asking that people opt-in, giving them the choice to take part, the choice to install LOIC, I’m not seeing any hijacking any where in that statement.
Shame that your point is fundamentally flawed. Maybe you should lose *your* holier than thou attitude.
Gaz, look above you.
There are implications that there was a botnet involved, in addition to the voluntary LOIC users.
And while I'll agree that was phrased pretty badly, it's true that DDoS attacks ordinarily make use of botnets and not voluntary users.
So it's ok to attack MasterCard and other companies for upholding their policies under the view that it's taking a stand for freedom of speech? What about the companies freedom? They choose who they will do business with – it's just as much their right to decide they no longer wish to do business with that person. I find it interesting that people think it's ok to fight for some type of freedom by surpressing others.
The person who took the documents in the first place is most to blame… WikiLeaks is to blame for the ones which do not stand for what they argue is what they're all about… I'm sorry but posting a document about key buildings/locations/etc has nothing to do with bringing something shady to light – it's done to weaken them, with the intent for harm. Some of the documents posted I think needed to be, all of them – no. It's not black and white, people need to wake up and realize that there is a lot more to it than just posting stuff that proves wrong doing on the part of governments.
It is worth asking whether or not we would trust the data if only a bit had been released. By releasing it all, some degree of bias was eliminated. Also, while a list might be more blatant, nearly every one of those site can be found on Google.
Every story from WikiLeaks does not need a huge amount of extra files as proof. By releasing it all, they’re not doing what they say they stand for as far as exposing corruption – they’re releasing info that has nothing to do with corruption. And if all the detail can be found on Google – why then is it needed to be posed by WikiLeaks to eliminate a bias in the first place?
It's also worth baring in mind that the people donating to Wikileaks are losing their freedom of speech, since they're unable to donate due to the stubbornness of a company hypocritically applying it's policies to individual recipients.
Gaz, none of that makes any sense.
The freedom of speech does not in any way cover your ability to pay somebody money. Especially through a private company.
There's nothing stubborn or hypocritical about the actions of PayPal, MasterCard and Visa. If they get any kind of report or indication that a client is implicated in or associated in any way with something that may be legally questionable, they're obligated to hold the account immediately. This is nothing new. This isn't something that's never happened before. This is industry standard procedure and common-sense business ethics. Holding the account until the government investigation is closed is the neutral and responsible thing to do.
Wikileaks is a terrorist organization. We should freeze their assets and send their leaders to Guantanamo.
Were the DDoS attacks against wikileaks pursued with the same sort of priority?
Or does the site itself have to have to make a complaint to the relevant authorities to get the incident investigated, and traced, and pursued?
Doesn't work like that unfortunately, it's "legal" for people to do it against entities the government doesn't like 😉
No, it works exactly like that. The government is not pressing the charges for you, the site/company has to pursue them.
Well it depends who you have on your payroll, err I mean gave campaing contributions too. Want results? Pay the right people.
Do these attacks against the infrastructure of banking and making payments increase the likelihood of computers having to meet a standard of compliance to be certified as "malware free" before the computer is allowed to connect to the internet?
I suspect that some people are looking at an excuse to enforce this. Spam and botnets have only been a nuisance up until now (to windows users, and everyone with an email address, of course) but now this is an "attack" against the movement of money. Mostly by computers running MS Windows.
Are Microsoft going to be forced to secure their OS?
No.
Are end users going to be forced to prove that their computer is malware free?
Possibly…
No one has commented on how easy it was to take down a global commercial site. It was the comment from an emminent IT security expert on BBC Radio 4, which made me laugh, “Surpringly, the visa payment system was brought down via a single IP address on the corporate website”. DDoS attacks on firewalls are common place, it was the back-end security verification systems which collapased. That is some Visa & Paypal should be looking at. Could get busy before xmas with all the on-line shopping…..
The Visa payment system wasn’t brought down. The only thing interrupted, besides the homepage itself, was the Verified by Visa function. Same goes for MasterCard and their equivalent of that.
You're talking about Verified By Visa. That's just a secondary, optional web verification tool hosted on the site. It isn't some kind of "back-end security verification system", and the only people who would have been effected by it were people who have opted into using the service and were trying to use the card online at the time. That's not the same thing as interrupting actual transaction verification or processing.
No one commented on it because either you misunderstood was what going on, or your "emminent [sic] IT security expert" did. Transaction processing was not taken down. Verified by Visa is an optional service for web transaction security. It's not a back-end security system.
Sobering reality: we don't know the plan behind what's happening. For example, it could be one strategic move in an Earth shattering, well orchestrated war, or a trial run. And no, insurgents (spread all over the planet or otherwise) are never the brains and force behind wars. They are just one tool used by war machines. War machines enforce order, secrecy, and obedience, NOT freedom.
yea he had a big botnet ya know….
if they are going to arrest 1 kid for the attacks than they should go after the US for starting the attacks. Sadly anon is not a terrorist group as you all think it is but the collective opinion from a section of the internet. I'll wait until someone makes the mistake of waking the folks from 2chan. I'm going to lawl at all the n00bs here since they have no clue what the rules of the internet are and that if you play with fire you will be burned.
What rot. Anonymous’ entire purpose is to terrorize those who aren’t behaving as a group of anarchists wishes. The “collective opinion” of a group of internet users isn’t worth a hill of beans if it’s against the law, and the internet is not a free-for-all controlled by mob rule. This is real life, not some anarchist utopia.
Ugh, how wrong you are. The opinions of large groups of people are worth more than law in practice. Has always been so and will always be so.
If you fail to understand this you should perhaps take a peek at a history book for starters.
The power has always and will always rest with the masses – and thank god for that. The checks and balances on the corrupt subhuman entities in power are the people and their opinions. And those in power will be judged by the people, and again in the pages of history when the time is mature enough.
Support Operation PAYBACK!
Article lies ofc.
Denial-of-service attacks are a form of terrorism, economic terrorism, a form of economic blackmail. What they say is that, if you don't accede to their wishes, they will cause you economic damages–no different than throwing rocks through your windows. Perhaps these youths are too young to understand the nature of the democratic process, or of how government, works, or how we can change it, but I have a suspicion that they were so busy learning their computer skills and playing computer games that they paid no attention to civics or government classes. No doubt they started out with legitimate concerns about what certain governments were doing. But instead of starting a political movement, or joining one, they took physical action–action no different than an armed uprising. Now, they will have police records, and will probably be unable to seek or win public office, and will be unable to vote anyway now when they reach that age, so they are destroying the very cause they believe in, diminishing their ability to legitimately help. And, even worse, they are creating a strong backlash that may interfere with all of our freedoms. The more they do things like what they have done, the more call there will be to restrict our liberties.
And so was the Tea Party…and that was over taxes
Also I have to say you do realize that the people, the real anon and ghosts of the network aren't 12 right? Seriously you do understand that right?
Yes, because so many political movements have worked to remove laws that hinder freedom… so many political movements have stopped the COIAC, MPAA and Internet Censorship.
Get real fool.
This is the most ridiculous thing Ive read on here yet. The biggest youth vote ever arose and got Obama elected into office, yet here we are seeing the tax cuts for billionaires getting extended and our futures being flushed down the toilet. Try and justify “joining a political movement” all you want, but we tried that, and we dont have the ability to filibuster a bill to help 9/11 first responders, let alone millions of lobbyist dollars to buy our place in congress. What we do have here is a way to get our voice heard in being part of anonymous. Just hope the lowest of us the dont keep this going, like the dorky IT guy at your office that takes care of the internal email server for example, and become our own Wikileaks, because a few lines of code from someone reading a comment like this can potentially take down a company, and in the midsts of figuring it out,lairs out all the dirty laundry.
anybody know what is going on in the rest of the world while we are being distracted with this event?
Good! They caught Anonymous! About time to, this kid has written too many dangers books in the last 500 years, caused too many uprisings and toppled way too many governments. I am glad he is finally arrested.
Well played, sir or madam.
I was listening to public radio and great point was made. It’s goverment job to protect this information and if they can’t do so effectively you can’t blame people who got a hold of it. Newspapers are using anonymous sourses for years- how wikileaks is different? Is it because we can blame someone??? Do your job to protect info- problem solved.
You’ve got to be kidding. Governments protect people through laws. You break the law, you get punished. DDOS attacks are illegal because they caused damage to public and private business. What you’re saying is that if the lock on my door isn’t good enough to keep you from coming in and stealing my valuables, it’s my fault if you do it. That’s absurd.
lazers were charged at the dutch national police website and public prosecution service, succesfully bringing it down as retailiation for the arrest.
the proud and bragging dutch cyberpolice pwned
The Dutch have intelligence services that are very much American lapdogs…
A prime example of the urgency of information security needs in corporate and government organizations.
It’s not necessarily that these organiations were hacked, news coverage seems to be pointing to insiders leaking the documents to WikiLeaks. Wikileaks posted the classified information, there’s no evidence that it hacked to get the info.
Assurance training can be taken online and prep individuals for high security positions.
This is not free speech, you idiots. This is theft of government property and invasion of privacy by punks in service of a narcissist. So you say you wanna revolution, eh? This is the same kind of thinking that leads street teens to light homeless men on fire.
If someone leaked me your bank statements and medical records and I posted them online for everyone to see, I doubt you'd be so indiscriminate in your insistence on free speech. Your fist ends where my nose begins.
Incredible that this fast response from US were not used with those killing innocents…
Incredible that companies take down services for "believeing a thing is illegal" and without a court order or a setenced a thing, in a country that promotes law and order 🙂 you guys make my laugh a lot…
Who is US to order countries what freedom while their goverment kill and sell weapons, go on TV saying excalty opposite things that they do, and a Sara P with guns and screaming as positiong as a posible president.. this must be a joke…
A country that attacked another country regardless UN sentecy (in which he signed to agree with rules by the way).
The people are speaking out, its time the goverments step up and take responsibility for all the wrongs they have done. Thank you anonomous for giving people hope that all the lies will not be hidden.
Anyway,
Who can trust a guy with a pink shirt in charge of security issues ?