Operation Payback

from Wikipedia, the free encyclopedia
Formerly Payback Flyer (2010)

Operation Payback (German: "Operation Vergeltung") is an ongoing campaign since September 2010 in which coordinated distributed denial-of-service attacks are repeatedly carried out on the websites of various large companies and organizations. The aim of the attacks are z. B. Organizations prosecuting copyright infringements or financial service providers that have terminated business relationships with WikiLeaks . The hacktivists behind the operation come from the environment of the Anonymous group, which has been active since the beginning of 2008, and the Imageboard 4chan, which is related to this group .

Actions

For their DDoS attacks , which are punishable under German law, the activists use a tool called LOIC (“Low Orbit Ion Cannon”), which was originally developed for the anonymous protests against Scientology and can not only be used for manual DDoS attacks on web servers, but also for coordinated, joint attacks. The address is given by the user via a coordination server and control is then transferred to the management team, which is comparable to a botnet on a voluntary basis. The participants communicated partly via various Twitter accounts as well as via Facebook , whose channels were blocked after initial actions.

The activists said they were not hackers , but "average Internet citizens". Neither data theft nor crucial data channels of companies are at the center of their attacks. The whole thing is a “symbolic action”, it said in a message from “Anonymous”. WikiLeaks said it had nothing to do with the group and that there was no contact between employees and anyone at "Anonymous".

Against persecutors of copyright violations

In response to distributed denial-of-service (DDoS) attacks on torrent websites, proponents of the free exchange of copyrighted material decided to launch DDoS attacks on opponents of copyright infringement. These attacks developed into a wave of attacks on several large anti-piracy organizations.

Against former WikiLeaks financial service providers

In December 2010, following the publication of cables from US embassies by WikiLeaks , Operation Payback focused its attention on companies that had subsequently terminated their relationships with WikiLeaks . The Swiss PostFinance was affected on December 7th after closing Julian Assange's account the day before . On December 8th, DDoS attacks made the websites of the credit card companies Visa and Mastercard inaccessible for hours. On December 27, activists announced the group Anonymous already hours before the actual occurrence on Twitter a DDoS attack on the website of the Bank of America at. The promotion was announced for December 27, 2010 at 6:05 p.m. CET. An hour later, the bank's main page could only be reached irregularly. The bank had previously announced that it would stop any transfer orders to and from WikiLeaks accounts.

Against Dutch authorities

After a 16-year-old youth was arrested in the Netherlands on December 9, 2010 on charges of participating in the DDoS attacks on former WikiLeaks financial services providers, the attacks were also directed against the Dutch public prosecutor's office and police.

Against the government of Tunisia and Zimbabwe

In response to WikiLeaks being banned from the Tunisian Internet, Anonymous activists blocked Tunisian government websites on January 2, 2011, invoking “Operation Payback”. The website of the Tunisian Prime Minister temporarily showed an open letter to the government of Tunisia. The action was related to unrest in the North African country that was motivated by government criticism .

In January 2011, the government of Zimbabwe was also attacked, as legal steps against the so-called "indiscretion service WikiLeaks" were taking place in both countries. A statement by Anonymous said: “We are attacking [Zimbabwean President] Mugabe and his [party] Zanu-PF regime for declaring the free press outlawed and threatening to sue anyone who publishes WikiLeaks [documents] . "

Arrests

On December 9, 2010, a 16-year-old was arrested in the Netherlands on charges of involvement in the attacks. He confessed to the allegations. The Dutch public prosecutor's office believes further arrests, also abroad, are possible and assumes that “probably thousands of computers” are involved. As a result, both the Dutch public prosecutor's and the police's website were attacked several times.

Following this arrest, as a result of a change in strategy, Anonymous called for a concerted effort to distribute WikiLeaks' documents on the Internet. To this end, summaries are to be created under the name Operation Leakspin and published together with the source. Videos are also to be shot and uploaded to YouTube.

On December 11, 2010, another 19-year-old was arrested in the Netherlands for allegedly involved in attacks on the Dutch authorities and the Moneybookers payment service .

Five suspected perpetrators were arrested in Great Britain in January 2011 for carrying out attacks against the websites of Mastercard, Visa and PayPal. According to the police, the investigation against "Anonymous" will continue and will be carried out in "cooperation with law enforcement agencies in Europe and the USA". The FBI confirmed that more than 40 homes in the United States were searched in connection with the Anonymous actions.

In July 2011 one suspected Anonymous activist was arrested in 35 raids in the US, 14 in the Netherlands and four in the UK. 35 additional arrest warrants were issued by the FBI .

One of those arrested in Great Britain in 2011 was found guilty in December 2012 of having participated in the DDoS attacks against PayPal, Mastercard and Visa and thus in a "conspiracy". Initially, no sentence was set.

Legal situation

In Germany , participation in DDoS attacks as computer sabotage according to Section 303b StGB can be punished with a fine or imprisonment for up to 3 years, for systems of major importance up to 5 years. In particularly serious cases, the prison sentence can range from 6 months to 10 years. In addition, civil law claims can be asserted.

In the UK , even downloading the Low Orbit Ion Cannon software used in the attacks carries a 2-year prison sentence.

In the Netherlands , where two people have also been arrested on charges of participating in the action, there is a 6-year prison sentence for participating in DDoS attacks.

reception

Konrad Lischka criticized the campaign on Spiegel Online , because a comparatively small group here “caused as much damage as an enormous crowd thanks to the right software. They shot down servers worldwide because a program technically multiplied the damage potential of their page views ”. Anyone who installs LOIC “can carry out attacks on servers themselves. Or leave this to a coordination server run by the activists, which many people probably did. ”The protesters would voluntarily join together to form a botnet, ie“ a computer network that causes damage - that is otherwise known from Trojans that are illegally smuggled onto computers. ”This form of protest would become common Differentiate from online or offline demonstrations in three main points: First, that technology is rated higher than humans; second, that only the harm to the victim would attract attention and third, that “drones” would be used instead of demonstrators.

Frank Patalong said that “this is about more than just a few script kiddies ”, “who play avenging hackers”. There can be "real damage, and not least to the side that the protest action is actually supposed to protect: WikiLeaks, because of course the hack actions exacerbate the controversy, although WikiLeaks itself probably has nothing to do with the hacks." That would be a Shot that backfires. But "the community has long made sure that the WikiLeaks database is no longer available online: the site is currently available hundreds of times, at hundreds of different addresses, and its data sets are also circulating innumerable on P2P exchanges ."

See also

Web links

Individual evidence

  1. ^ Jürgen Kuri: Wikileaks: Ongoing protests and new revelations. heise online, December 10, 2010, accessed December 10, 2010 .
  2. Operation Payback: Protests at the click of a mouse ct'-Magazin of December 9, 2010
  3. ^ "Anonymous" reports to Wort Stern.de on December 10, 2010
  4. Operation Payback: Hackers take revenge for Wikileaks. Zeit Online, December 8, 2010, accessed December 9, 2010 .
  5. Operation Payback: Large-scale hacker attack on Mastercard, Visa & Co. In: Spiegel Online. December 8, 2010, accessed December 8, 2010 .
  6. WikiLeaks: PostFinance ends business relationship with Assange. In: PostFinance . December 6, 2010, accessed December 7, 2012 .
  7. Postfinance website is flooded. NZZ Online, December 8, 2010, accessed December 10, 2010 .
  8. ^ Postfinance: "Assange opened his account personally". Swiss television, December 8, 2010, accessed on December 10, 2010 .
  9. Call of "Operation BOA" distributed via Twitter. Retrieved December 27, 2010 .
  10. Call distributed via Twitter with justification. Archived from the original on October 27, 2011 ; Retrieved December 27, 2010 .
  11. Telekom Presse Vienna on December 27, 2010: Bank of America victims of DDoS attacks. Archived from the original on December 30, 2010 ; Retrieved December 27, 2010 .
  12. cf. New blockade: Bank of America stops cash flow to WikiLeaks at Spiegel Online , December 18, 2010
  13. Operation Payback: Major hacker attack on Mastercard, Visa & Co. Spiegel Online, December 8, 2010, accessed on December 18, 2010 .
  14. ^ The Tech Herald on January 3, 2011: Anonymous offers support to Tunisian protestors. Archived from the original on January 18, 2011 ; Retrieved January 3, 2011 .
  15. Al Jazeera on January 3, 2011: Hackers hit Tunisian websites. Retrieved January 3, 2011 .
  16. Screenshot of the attempt to access this page. Retrieved January 3, 2011 .
  17. ^ ORF on December 29, 2012: Uprising in the vacationer's paradise. Retrieved January 3, 2011 .
  18. Anonymous attacks Zimbabwe and Tunisia Spiegel Online from January 3, 2010
  19. Operation Payback: 16-year-old arrested for DDoS attacks. In: Golem.de. December 10, 2010, accessed December 10, 2010 .
  20. Arrested for attacks by Wikileaks supporters. In: heise online. December 10, 2010, accessed December 10, 2010 .
  21. Investigators pay it to Operation Payback Heim Zeit online from December 10, 2010
  22. Cyber ​​fight for WikiLeaks: Attack on the attackers. Spiegel Online, December 10, 2010, accessed December 15, 2010 .
  23. Operation Leakspin: Info attack instead of DoS attack golem.de of December 10, 2010
  24. Self-service for hackers, further arrests in Holland. In: Telekom Press. December 11, 2010; Archived from the original on December 15, 2010 ; Retrieved December 12, 2010 .
  25. ^ Wikileaks sympathizers arrested Süddeutsche.de on January 8, 2011
  26. FBI arrests 14 suspected hackers from hen / Reuters / AFP on spiegel.de, July 20, 2011
  27. NZZ Digital on December 7, 2012: Anonymous hackers found guilty . Retrieved December 7, 2012.
  28. ^ A b "Illegality" of LOIC-Tool in UK, Germany & Netherlands? In: netzpolitik.org. December 10, 2010, accessed December 10, 2010 .
  29. Wikileaks Followers - A Retreat and New Allies. In: sueddeutsche.de . December 12, 2010, accessed December 12, 2010 .
  30. Konrad Lischka: The stronger one adds up. Spiegel Online, December 10, 2010, accessed December 12, 2010 .
  31. ^ Frank Patalong: Continuous fire from ion cannons. Spiegel Online, December 9, 2010, accessed December 12, 2010 .