“Wikileaks is set to start releasing some of the 250,000 diplomatic cables they’ve gotten a hold of. It’s bound to be a big news story.”
I remember posting that on the night of November 27th, 2010. I had been following the news and posting to my personal Facebook wall links to news stories on world events, as well as adding my own personal analysis and opinion. I had no idea how big of an impact the revelations to come would have.
But before I even heard the content of the cables, I heard the backlash: a massive distributed denial-of-service (DDoS) attack was carried out against Wikileaks’ website scarcely before it had even begun to post. Within days, EveryDNS, who provided Wikileaks’ domain name, pulled Wikileaks from its server request. Amazon.com, which had been supplying Wikileaks with server space on its cloud, yanked the whistleblower, forcing the organization to rely on its backup servers located in Sweden.
By December 7th, PayPal had cut off Wikileaks’ account used to accept donations. Mastercard and Visa followed suit, declining transfer requests. Even the personal banking account of Wikileaks founder Julian Assange was frozen, in Switzerland of all places.
In a single week, Wikileaks had their finances cut and their web presence all but gagged. The sheer speed and severity of the response suggests some kind of allergic reaction by the international tech and finance community; surely, my interest was piqued. What could possibly be found in Wikileaks’ treasure trove of diplomatic memos to merit a blacklisting?
At first, I wasn’t terribly impressed: the vast majority of the US State Department’s cables were routine house-keeping. At times, they would delve into the embassatorial equivalent to gossip. Have you heard about Gadaffi? I hear he surrounds himself with a cadre of busty blonde bodyguards!
And so, many prominent members of the American media-industrial complex declared them to be passé. But as days stretched on, disquieting news came to light: the Saudis have been pushing the US government to attack Iran; US drones have been bombing Yemen in secret for years; Hillary Clinton collecting dossiers on UN diplomats, including DNA, fingerprints, and iris scans; and Afghan officials carrying $50 million in “traveling money”.
In time, even more shocking news would come to light, such as Royal Dutch Shell company planting corporate spies throughout the entirety of the Nigerian government; the US government lobbying the Russian government on behalf of credit card companies; US security contractors trafficking in child sex slaves; the UN being petitioned because American officials ignoring claims of civilian massacres in Iraq.
This, of course, does not include earlier Wikileaks revelations, such as the “Collateral Murder” video showing a US gunship opening fire on civilians tending to the wounded; the Stryker brigade in Afghanistan keeping human body parts as “trophies” (as well as a slew of other severely fucked-up shit), or any of the other bombshell news stories Wikileaks has plopped into the lap of the media-industrial complex.
Did I hear anything about this in the news?
… Not really. Really droll stuff, that “massacring civilians” business. Only fit for the back pages, where it won’t disturb people. But the Colts are in training this week! Oh, look! Dick Clark’s turning 81! And doesn’t Palin say the darnedest things?
The most frustrating thing about this was that even though I specifically wanted to hear more about this — as I reckoned it the single biggest news story of the past ten years — the most it got on the news shows and news websites I frequented was a quick 15-second spot, or relegated to third-string on the World section (which is abysmally deficient in American news sources).
To further the problem, what little news coverage was being handed off to Wikileaks was fraught with error. NPR kept repeating the old saw that the entire quarter million documents was thrown out willy-nilly, whereas Wikileaks was moving at a snail’s pace to avoid the very problems they accused Wikileaks of ignoring. Some of the best reporting on the cables was also being carried out by individual bloggers, bringing to light interesting facets that were ignored on the pass-through of harried journalists.
Wikileaks represented a clear and present threat to every single power structure in American society — from the media, to corporations, to political parties, to the military itself. In retrospect, it doesn’t seem odd at all that as I saw it, unless something were done to speak out on behalf of Wikileaks’ treatment and defend it as a valued whistleblower, there was a good chance that Wikileaks would be bankrupted into oblivion, carelessly misrepresented, and safely ignored by the powers that be.
But what could be done? The forces aligned against Wikileaks seemed impervious to any individual’s well-worded statements, no matter how creative the packaging. I lived far away from the bowels of industry and government, so I couldn’t even rely on the hit-or-miss method of picketing a building. I felt trapped by my own knowledge, by the internet that had made me aware of both the problem and the fact that I had limited means to solve it.
It was about this time I heard that the largest group of internet malcontents was up to something.
====================
Anonymous — collective, hivemind, whatever you wish to call it — had been part of the background of my internet awareness for years. The memes they forged — lolcats, rickrolls, even shitting dick-nipples — had become my bread and butter, my language of relating to others on the internet. I also held a lot of respect for the reasoned objections to the Church of Scientology’s practices, as well as the entertaining fashion in which they publicly shamed that corporate shell of a religion. What pushed me away from them, however, was also what drew me to them: the same cruelty used against ne’er-do-wells like the Church of Scientology was also used against obscure bystanders, particularly girls on MySpace or, most prominently, YouTube attention whores such as Jessie Slaughter.
But when the forces of the internet hate machine began to assemble, any differences in targets I had had previously vanished. Something simply had to be done, goddammit, and I might as well be there when Anon does *something*. And so, within the span of a few hours, a distributed denial-of-service attack was carried out against Mastercard, bringing the company’s public-facing website (effectively a corporate pamphlet) down for days.
DDoS wasn’t anything new by any stretch of imagination. Blackmailers had used it for decades at this point to force companies to shell out to stop them. What made the Anonymous DDoS’s different was the speed in which they were organized, the willingness of dozens of people to use their computers for it, and the media savvy to attract the attention of reporters. While it wasn’t technically savvy — equivalent to parking a pickup truck across the entrance to a parking lot to deny access to a grocery store — the largely symbolic action bred solidarity and gave confidence in the strength of the collective’s voice.
What impressed me at the time was the push within the collective to decide together where the collective would go, as facilitated by online polls to select DDoS targets. The case would be made for a particular target, and then the collective would vote. Consensus was ironed out quickly. It was exciting to see decisions made with large groups of people without weeks of electioneering and grandstanding — a welcome change of pace from a congress which had been paralyzed by its own normal processes.
The Mastercard and Visa DDoS’s went forward with the same operating procedure: hit it with page requests till the servers stopped responding. For what amounted to corporate pamphlets, the servers weren’t equipped to deal with the flood of traffic. However, the actual business end of either of these were not targeted, leaving credit card processes untouched.
The opposite was true for PayPal. The collective soon turned to PayPal’s API, which processes the actual transactions. We would later learn that once PayPal’s API was on the dartboard, PayPal’s tech servers went into “red alert” mode — calling in service personnel over the weekend, making sure servers were up to maintenance specs, and tuning IP blocking parameters.
This was, quite frankly, unexpected. The hivemind had targeted unhardened targets which quickly succumbed to DDoS requests, knocking them off completely. In contrast, PayPal’s DNS dynamically redirected to different IP addresses, frustrating a direct DDoS against the particular IP addresses. Where victory had come easily before, there was only frustration to be had: participants trying harder were met with IP bans, which denied them the ability to even check whether the site was up or down.
Confusion reigned supreme. “Is it down?” “Yes! Tango down!” “No, STFU. You’re just IP banned.” Eventually, the effort petered down, as enthusiasm waned. It was as if the hivemind were a barbarian horde, pouring over and easily overwhelming unwalled villages, but breaking their strength over the castle-of-the-internet that is PayPal.
Frustrated, the hivemind looked for more targets. Amazon, perhaps? No, that would affect too many people shopping. Thoughts turned to Christmas and people shopping for the holidays. Too many bystanders would have their holiday disrupted by such an attack. Besides, whereas PayPal was an internet castle, Amazon was a citadel of epic proportions, at least when it came to DDoS’s.
Consensus turned to MoneyBookers, a British money transfer service that had also blocked Wikileaks’ payments. The hivemind rallied the troops and fired their LOIC’s, but to no avail. MoneyBookers, whose business revenue revolved around online payments, couldn’t afford downtime from a DDoS, and was thus similarly fortified. But more pointedly, the service techs seemed to be playing with the collective — many users that had been banned were apparently redirected to goatse, much to their chagrin.
The DDoS’s were mainly driven by their own success — as media reports flooded in of success at bringing down unfortified websites, it brought in fresh recruits for the LOIC hivemind targeting system. However, hardened targets were all but impervious, and with so many numbers it was a given that the hivemind would have to aim higher. As a result, the success of the DDoS’s brought about their eventual defeat by spending morale on fool’s errands.
