WikiLeaks latest release, of some five million emails stolen from the servers of private intelligence company Stratfor, marks a new departure for the whistleblowing organisation. While WikiLeaks have remained tight-lipped as to how they came into possession of the enormous cache of emails, hackers operating under the banner of Anonymous very publicly infiltrated Stratfor’s servers in December 2011.
That operation was carried out by hackers operating under the banner of AntiSec, a subsection of Anonymous that specializes in such hacking and DDoS “ops”. As part of OpLulzXmas, personal information of Stratfor clients was published online and credit cards were used to make donations to charities. In addition the five million emails were extracted from Stratfor’s servers, the same emails that WikiLeaks began publishing on Monday.
Twitter accounts linked to Anonymous have made public statements confirming that those emails were given to WikiLeaks.
— Anonymous (@YourAnonNews) February 27, 2012
Wired have reported that WikiLeaks confirmed receipt of the emails in this coded tweet in the days following the Stratfor hack.
rats for donavon.
— WikiLeaks (@wikileaks) December 30, 2011
This collaboration between Antisec hackers and WikiLeaks is unprecedented, and likely to give server security experts for potential hacking targets some sleepless nights in the coming weeks. It could also mean a new influx of information to an organisation, WikiLeaks, that has almost been brought to its knees in recent years.
WikiLeaks’ long touted new secure submission portal has failed to materialise, and what remains of the organisation’s manpower is now largely preoccupied with fundraising and founder Julian Assange’s legal issues. These difficulties have often been put down to infighting and Assange’s erratic management style. That narrative overlooks the unprecedented and coordinated financial blockade enforced by companies such as PayPal and Amazon on WikiLeaks, seemingly as a result of pressure from the US government in the wake of the Cablegate leaks.
Yochai Benkler, Berkman Professor of Entrepreneurial Legal Studies at Harvard Law School, has likened the blockade to a trial run of how laws like the recently shelved SOPA and PIPA would operate in practise. It allows the US government to bypass legal constraints by pressuring service providers not to do business with certain websites, in this case WikiLeaks.
The characteristics that make this type of attack new are that it targets an entire site, rather than aiming for removal or exclusion of specific offending materials; (it) operates through denial of business and financial systems, in addition to targeting technical systems; and systematically harnesses extralegal pressure to achieve results beyond what law would provide or even permit.
What WikiLeaks can still offer is experience handling and distributing sensitive information, as evidenced by the elaborate secret operation they carried out ahead of the Stratfor email release, an operation OWNI, as one of WikiLeaks 25 media partners, witnessed firsthand. While Antisec hackers can get access to often enormous quantities of secret data, the lifeblood of any self-respecting journalistic organisation, WikiLeaks can coordinate and arrange for journalists to analyse and verify that data.
The Anonymous brand first came to many people’s attention when its supporters attacked the websites of MasterCard, Visa and PayPal in revenge for those organisation’s participation in the financial blockade of WikiLeaks.
In any partnership with WikiLeaks, Anonymous can call upon a huge number of highly skilled hackers from anywhere in the world who identify themselves with the movement. What they lack is experience in distributing any material they find. They’ve made significant mistakes in the past when attempting to expose paedophiles as part of OpDarkNet, in many cases prejudicing cases that authorities had spent months and in some case years building.
Now leading figures associated with Anonymous, such as the hacker Sabu, have begun openly calling for leaks to be communicated to Anonymous for the purpose of publishing.
If you have data to publish (big dumps, source codes, cache of documents, etc) hit up @anonymouStun.
— The Real Sabu (@anonymouSabu) February 27, 2012
There remains an unresolved disconnect between the supporters of Anonymous and WikiLeaks ardent pursuit of “opening up” governments and private corporations by seemingly any means necessary, and the same supporters outrage at actions by the same governments and corporations that impinge on “ordinary” citizens right to personal privacy.
It’s likely any soul searching will be left to the media partners invited by WikiLeaks to take part in any future releases. There appears to be no shortage of Anonymous supporters willing to attempt as many hacks as possible, and WikiLeaks remain steadfast in their belief in the moral imperative of publishing any information that undermines or exposes the powerful.
Many have questioned the value of the Stratfor releases, and raised moral questions about the publishing of information stolen from a private company, as opposed to a publicly funded agency. It’s difficult to have much sympathy for Stratfor: amongst the leaked emails is evidence that they used information itself leaked by LulzSec and by Wikileaks in the course of preparing their own reports, which they were then happy to charge clients for.
In another email a Stratfor analyst decribes Anonymous “pretty remarkable hacking abilities”, but questions whether they would have the motivation or ability to “coordinate something targeted like intelligence theft.”
In the coming weeks and months we might well find out the extent of Antisec’s coordination and hacking abilities, perhaps involving a more substantial target than a private intelligence firm with a vested interest in exaggerating it’s own access to the murky corridors of power. If and when we do, it will likely be via WikiLeaks and their media partners.
Image: wheelzwheeler CC BY-NC-SA