/ 20 December 2010

Hackers raise stakes in cyber war

The cyber war that has erupted over the WikiLeaks disclosures rose to new heights last weekend as hackers shattered the security of the hyper-fashionable, super-tech-savvy Gawker websites.

Hackers, operating in support of WikiLeaks under the codename Anonymous, recently attacked several big corporations, from MasterCard and Visa to PayPal and Amazon, as part of the so-called Operation Payback launched by fans of the whistle-blower site.

The 24-hour attack on Gawker penetrated deep into its systems, smashing its security shield and catching its executives off guard.

More than a million-and-a-half usernames, emails and passwords were stolen and dumped on to the internet — including the personal details of Gawker’s British founder and mastermind, Nick Denton.

The hackers then announced the theft on Gawker’s own Twitter feed for the gadget site, Gizmodo.
The cheeky tweet said “Support WikiLeaks” and added “Gawker.com hacked, 1,5-million usernames/emails/passwords taken”.

The use of Gawker’s own Twitter feed by the loosely coordinated network of hackers to announce their actions was a breathtaking act of defiance.

A contrite Gawker management admitted that the integrity of all its nine sites had been compromised.

“We understand how important trust is on the internet and we’re deeply sorry for, and embarrassed about, this breach of security — and of trust,” a Gawker spokesperson said.

Within hours of the attack last Saturday, the assailants had gained access to Gawker’s database of usernames and passwords, as well as the programs used to serve up the sites, known as its source code.

Even more audaciously, the hackers posted real-time email exchanges between Gawker staffers, in which the employees discussed how they were coming under attack.

This attack took the recent flurry of mass-hacking escapades into new territory and was claimed by a previously unknown group of hackers going by the name of Gnosis.

Gawker appears to have been singled out for its past tussles with the hacking fraternity rather than for anything to do with the release of the embassy cables by WikiLeaks.

In an email exchange with the website, Mediaite, one of its members said it had attacked Gawker because it wanted to expose the “outright arrogance” of Gawker’s management by highlighting the site’s inadequate security.

“Gawkmedia has possibly the worst security I have ever seen. It is scary how poor it is,” the correspondent said.

The complaint of arrogance appears to be a reference to a feud that has been running for more
than a year between Gawker and 4Chan, an image board frequently used by hackers, including those who orchestrated the anonymous pro-WikiLeaks attacks in the past 10 days.

A sub-board on 4Chan, known as “/b/”, acts as a meeting house for some of the most dedicated hackers.

Among its many actions has been the memorable prank in which it hijacked an internet poll asking fans of the teenage pop star Justin Bieber to decide which country he should tour next.
The 4Chaners latched on to the vote and swamped it, pushing North Korea into prime position.
The image board has been the subject of regular posts on Gawker, written in Gawker’s trademark snarky and forthright style.

Gawker has called 4Chan the “ground zero for internet mischief”, “[home of] the internet’s worst trolls”, and likened the experience of reading it to consuming “heroin mixed with fibreglass”.

Following the attack, Gawker brought in an independent security company to increase its protection.

Denton is keeping uncharacteristically silent about 4Chan, although nobody expects his restraint to last for too long. —