DDoS Attacks Against WikiLeaks Continue

WikiLeaks’ publication of a large cache of confidential and secret U.S. diplomatic cables at the beginning of this week turned the organization into a target for distributed denial-of-service (DDoS) attacks.

The first attack was launched last Sunday, on the eve of the release, and caused significant disruptions to the WikiLeaks website.

According to Arbor Networks, a DDoS protection solutions provider, the attack generated traffic of between 2 and 4 Gbps, making it modest compared to others.

A lone hacktivist nicknamed “The Jester” took credit for the attack via Twittter, claiming that he did it because the leak endangered the lives of U.S. troops and other assets.

“In earlier tweets, the Jester boasted of using low bandwidth application layer attacks instead of relying on large botnets (all of which is consistent with the data ATLAS observed for this Wikileaks attack),” commented Dr. Craig Labovitz, chief scientist at Arbor Networks.

Since then, the whistleblower site has switched to using Amazon mirrors instead of its primary hosting provider in Sweden, which should have theoretically offered better protection against DDoS.

But yesterday the organization announced a new attack, this time larger, and causing a traffic of over 10 Gbps.

“We are currently under another DDOS attack,” WikiLeaks announced via Twitter. “DDOS attack now exceeding 10 Gigabits a second,” it later added.

At the moment there’s no new information as to who might be behind the second attack. The Jester has had some trouble with the authorities, who executed a search warrant at his house on Monday and seized his equipment.

The cablegate.wikileaks.org website, which allows people to explore the leaked diplomatic cables in a variety of ways, was targeted in particular.

However, overall, the attacks did not disrupt the flow of information too much, because all of the documents were already shared in advance with leading newspapers around the world, who continue to publish articles based on them.