Pro-Wikileaks activists abandon Amazon cyber attack Published duration 9 December 2010

media caption 'Coldblood', a member of the group Anonymous, tells Jane Wakefield why he views its attacks on Visa and Mastercard as defence of Wikileaks.

Pro-Wikileaks activists have abandoned plans to bring down the website of online retailer Amazon, and switched back to targeting PayPal.

The group Anonymous had pledged to attack the site at 1600 GMT, but have since changed their plans, saying they did not have the "forces".

The site was targeted because it withdrew services from whistle-blowing website Wikileaks.

In the Netherlands a teenager has been arrested over the attacks.

The 16-year-old was arrested by a high-tech crime unit in The Hague after allegedly admitting to involvement in the targeting of the websites of two credit card companies, MasterCard and Visa.

A tool enabling computers to join the co-ordinated attacks against websites perceived to be "anti-Wikileaks" is now reported to have been downloaded more than 31,000 times.

However, security experts warned people to avoid joining the voluntary botnet.

A Twitter message issued by the group said Amazon was too big to attack successfully for now.

"We cannot attack Amazon, currently. The previous schedule was to do so, but we don't have enough forces," read one message on Twitter.

The activists instead instructed followers to attack PayPal, which has suspended the WikiLeaks account, which the organisation had used to collect donations.

A PayPal spokesman told Reuters news agency the company had detected an attack on the site.

'Operation Payback'

Activists are targeting using the Anonymous attack tool, known as LOIC. When a person installs the tool on their PC it enrols the machine into a voluntary botnet which then bombards target sites with data.

image caption Anonymous has published its manifesto

These distributed denial-of-service (DDoS) attacks are illegal in many countries, including the UK.

Social network Facebook confirmed that it had removed Operation Payback - as the campaign is known - from the site because it was promoting its attack tool.

Anonymous member Coldblood told the BBC that he did not understand how firms such as Visa and Mastercard have decided that Wikileaks is illegal.

"We feel that they have bowed to government pressure. They say Wikileaks broke their terms and conditions but they accept payments from groups such as the Ku Klux Klan," he told the BBC.

He said that he has not personally taken part in the recent distributed denial-of-service (DDoS) attacks but explained the motives of those who have.

"Everyone is aware that they are illegal but they feel that it is a worthy cause and the possible outcome outweighs the risk," he said.

He said such attacks were only one tactic in its fight to keep the information being distributed by Wikileaks available.

In a twist to the story it has emerged that Amazon, which last week refused to host Wikileaks, is selling a Kindle version of the documents Wikileaks has leaked.

Earlier attacks against Visa and Mastercard knocked the official websites of the two offline for a while and resulted in problems for some credit card holders.

The attacks have been relatively small so far mustering less then 10 gigabits per second of traffic, said Paul Sop, chief technology officer at Prolexic which helps firms to defend themselves against the type of attack being employed by Anonymous.

"What's really wreaking havoc with these enterprises is how often the attackers can rotate the attack vectors," he said. "We see the attack complexity being more devastating as the mitigation technologies enterprises use can't filter out all these permutations."

image caption Anonymous is taking action against sites it deems to be hampering the work of Wikileaks

Defending against an attack typically involves analysis to work out which ones are being employed. A tactic that may not work well in this case, he said.

"These Anonymous attacks are like riding a bull, they can change wildly and at a moment's notice," said Mr Sop.

Carole Thierault, a security researcher at Sophos, warned against getting involved with the Anonymous campaign.

"No-one, no matter how much you want to take part, should do this," she said. "It is very risky, and most probably illegal."

Ms Thierault said downloading and installing the LOIC attack tool was very risky.

"No-one should download unknown code on to their system," she said. "You're giving access to your computer to a complete stranger."

Coinciding ideals

As well as releasing the attack tool, the Anonymous group has also been active in helping to create mirror sites. To date there are over one thousand sites offering exact copies of the content on Wikileaks.

It is also ensuring the information is available on dark nets, heavily encrypted layers of the internet via which information can be extracted while remaining untraceable.

The new-found attention on Anonymous has led the group to publish its manifesto.

In it, it denies that it is a group of hackers.

"Anonymous is not an organisation... it most certainly is not a group of hackers," it said.

"Anonymous is an online living consciousness, comprised of different individuals with, at times, coinciding ideals and goals."