Hackers Overwhelm WikiLeaks Servers
GUY RAZ, host:
High-level corruption in Afghanistan is just part of what the WikiLeaks cables have brought to light. And tens of thousands of those State Department documents are yet to be released.
Now if you've tried to see them for yourself at WikiLeaks.org, you might have run into some problems. In fact, you probably got an error message. That's in part because all the files and website itself have been jumping around several different servers all over the world.
In some cases, WikiLeaks has been kicked off those servers. In others, there's a shutdown because of what are called denial-of-service attacks, basically computer hackers overwhelming the system.
So how does WikiLeaks manage to stay online at all? For more on that, I'm joined by Kevin Poulsen, he's a senior editor at Wired.com. Kevin, welcome.
Mr. KEVIN POULSEN (Wired.com): Thank you.
RAZ: First of all, what explains the fact that for much of today, you couldn't even find the WikiLeaks page?
Mr. POULSEN: Well, the latest problem that WikiLeaks had has to do with a service called a domain name system server. Basically, it's a shared server that does the basic lookup of translating a name like WikiLeaks.org that you type into your Web browser into the numeric address that the Internet actually uses to get you to the website.
The DNS provider that was serving WikiLeaks decided that it could no longer perform that function because it was being hammered so hard by these denial-of-service attacks.
RAZ: How do they overwhelm a server?
Mr. POULSEN: A denial-of-service attack, basically, they're hackers that have secret control over thousands, or in some cases millions, of ordinary PCs around the world. Your own computer might be under a hacker's control right now.
RAZ: I hope not.
(Soundbite of laughter)
Mr. POULSEN: One of the things that they can do is they can direct thousands, or in some cases, millions of computers around the world all at once to flood any arbitrary target on the Internet with traffic. And so it overloads it. It's like jamming a switchboard.
It takes such a small level of will to do this. If you already have what they call a botnet, if you already have a network of hacked computers at your disposal, launching a denial-of-service attack on WikiLeaks is as simple as typing WikiLeaks' address into your computer.
RAZ: Now, who do we think is attacking these servers that are carrying the WikiLeaks page?
Mr. POULSEN: The first round of them that occurred Sunday, just as WikiLeaks was getting ready to launch the State Department cables, that's been attributed to a self-styled hacktivist who calls himself The Jester.
He's for a while now been launching these attacks against jihadist websites. This time, apparently, he was offended by what WikiLeaks was doing, so he launched this attack. It was not a very powerful attack, but WikiLeaks was unprepared for it, and so they were down for some hours.
Since then, there have been more attacks, and the attribution on those is a little sketchier. They've gotten a little bit more powerful.
RAZ: Can we assume that there are governments involved with some of this?
Mr. POULSEN: I think there's no evidence that governments are involved. And there are so many other likely suspects. There are just so many people with the capability of launching distributed denial-of-service attacks, there's no reason to think that there's a state actor.
RAZ: The latest was that WikiLeaks.org was basically taken offline and changed to WikiLeaks.ch, which is for Switzerland.
Mr. POULSEN: Right. They've set up on at least four regional WikiLeaks addresses. So now they're at WikiLeaks.de, .fi, .nl, and they're back on .ch. So they're everywhere now, everywhere except WikiLeaks.org.
RAZ: Kevin, thanks so much.
Mr. POULSEN: Thanks for having me.
RAZ: That's Kevin Poulsen. He's a senior editor at Wired.com.
NPR transcripts are created on a rush deadline by a contractor for NPR, and accuracy and availability may vary. This text may not be in its final form and may be updated or revised in the future. Please be aware that the authoritative record of NPR's programming is the audio.