At this point, I think even people living in caves know what WikiLeaks is. Good or bad, the information contained in WikiLeaks sheds light on the inner workings of both governments and corporations alike.
Recently, it was proposed that certain parts of the Internet be shut down to combat ISIS and its cyberterrorism recruitment campaign. While the full extent of that remark was unclear, the notion of shutting down parts of the Internet to prevent access from a group like ISIS has been universally scoffed at by cybersecurity and infrastructure experts worldwide.
This did, however, raise many questions by those wanting to understand why shutting off parts of the Internet is not possible. Recently, this question was renewed when the Ecuadorian embassy cut off Julian Assange’s internet access, effectively making him blind to the world and unable to update WikiLeaks or communicate with others.
In this article, we’re going to explore why it is virtually impossible, in the age of the Internet, to cut off a site like WikiLeaks, as well as look at cyberwarfare methods that attempt to do this for strategic and disruptive purposes.
The Improbability of Shutting Down WikiLeaks
To understand why this is virtually impossible is to understand how communication spreads agnostic to the machinations of others as well as how the internet is structured.
Over the centuries, governments and organizations have tried to suppress and control information usually to only achieve failure. Literature has survived book burnings, inquisitions and even genocides. When there is a dedicated group of people working towards the preservation of ideas, it’s impossible to stop. But, as we’ll discuss later, it is possible to slow down dissemination.
Given that the Internet rapidly moves data across the globe at roughly 3,000 miles a second through a loosely confederated network of servers, routers and various ISPs, shutting down parts of it is feasible, but it cannot stop information from moving around the outage.
Looking at the recent Distributed Denial of Service (DDoS) attack against a major provider — the largest of this type of attack in history — outages to the Internet occurred but did not bring down the entire Internet “grid,” if you will.
As an example, some people were having problems using their Starbucks Rewards that day and others had no issues. Some people experienced Netflix outages and others did not. The data these companies had for its patrons remained up even though it reached a more limited audience temporarily.
And this is why WikiLeaks can withstand an onslaught of attacks. Their organization has anonymous members worldwide that safeguard copies of the data both online and offline. Knock out the WikiLeaks website, domain or their current host and its members can bring online a new website with new domain and republish everything very quickly.
Ransomware hackers work in a similar manner in that they’re globally spread out to avoid detection and rotate their websites constantly. WikiLeaks tries to maintain the same site, but can and will change if needed to remain a moving target; they’ve been incredibly effective at doing this.
It is also for this reason that stopping ISIS by shutting down parts of the Internet is essentially a fool’s errand; they have supporters and operatives in several regions that would not be affected by a localized outage. If authorities can’t identify these people, then how do you combat something like this? Welcome to Cyberwarfare 101.
Fighting the Future War
At the most basic level of warfare, rendering your enemy deaf and blind is paramount. If you can create a situation where they cannot gather information, disseminate it to their troops, or even communicate, then the attacker has a distinct advantage.
In technology, it’s no different and every major government is continuously developing new ways to accomplish this over the Internet. Because the Internet is so critical to our economy and infrastructure, shutting it down means shutting down much of our commerce and government workings.
Everything would grind to a halt, and an inability to contact the authorities could cause people to panic. Recently, I wrote an article where I discussed an attack on Ukraine’s power grid that was so complete the hackers even hit the phone system so no one could call in to complain.
Russia is the suspected culprit and the cyberwarfare community believes that this was essentially a beta test for larger, more widespread infrastructure attacks.
These cyberattacks are directed against fixed targets that can be easily probed and analyzed. So, how does this relate to something like WikiLeaks that is small and moving target with global support? It’s relevant because a government doesn’t necessarily need to make the WikiLeaks organization deaf and blind worldwide. It just has to temporarily do so in an attempt to slow down the viral nature of the information WikiLeaks disseminates.
Dimming the Light
Consider that to fully stop WikiLeaks, even temporarily, all of their websites and domains would have to be cut. Their social media platforms would have to be stopped as well, not to mention identifying WikiLeaks “employees” and cutting them off from all forms of Internet.
This doesn’t include individuals who have manually downloaded copies of the data to their local computers and servers for their own reasons. Understanding the sheer impossibility of this is the first step towards grasping the complexity of the situation.
So, what’s a government’s cyberwarfare division to do when you don’t have a single easy target to hit? Quite a bit actually. Here are some major ways WikiLeaks can be damaged or even be temporarily knocked out without having to publicly shut them down or try and create international laws to stop them:
1. A government could infiltrate the inner workings of the WikiLeaks organization and attempt to infect multiple WikiLeaks users for the purpose of gathering intelligence or spreading an infection throughout the organization.
2. Plant false information into WikiLeaks by pretending to be a whistleblower with very sensitive information. This information could put a spotlight on WikiLeaks and once the data is publicly discredited, harm the site’s reputation.
3. Release false or infected information claiming to be from WikiLeaks in an attempt to obfuscate the truth while making WikiLeaks seem unsafe to view.
4. Break into the WikiLeaks’ Deep web sites used by the whistleblowers to monitor or even intercept the data before it reaches WikiLeaks itself.
5. Launch a DDoS attack on all known WikiLeaks assets to prevent the public, at least regionally, from accessing the information.
The time it would take for WikiLeaks to move sites, republish the data and then let the world know their location would be only a temporary outage but effective for that period of time. Rinse and repeat until WikiLeaks begins starving its personnel resources as most of their time is spent moving data and not publishing. This method takes time, personnel and a whole lot of money and bandwidth.
There are a few other rather sinister attacks at the hacker level, but it would be a bit too informative for a public article and I don’t feel like getting contacted by the NSA right now. Let’s just say it’s possible to hit WikiLeaks deep enough at a personal level that recruiting new personnel may become very tough, though this would first mean identifying Wikileaks personnel.
The Defensive Posture of Today and Tomorrow
If there is one consistent theme of history, it’s that stopping the flow of information is virtually impossible. Cut off the Internet and people will start trading flash drives just like we did with floppy disks in the 1980s and 1990s.
In this sense, transparency becomes essential, as well as controlling the flow of information. What we’ll see as a result of technology is a desire at the top levels of government and organizations is to avoid using email or recording sensitive information, even though it may violate compliance laws.
As we move to the cloud to centralize data for ease of use, the VIPs will move their data offline and encrypt it to prevent hacking and breaches.If they do stay in the cloud, there will be a vast increase in the use of encryption at rest in both the cloud and on local computers. This way, the attempts to hack and steal data is vastly mitigated.
Cybersecurity is exploding at every level and as a 20-year veteran of the industry, it’s good to see people no longer treating it as an afterthought. Ultimately data is only as safe as one makes it, and if governments and organizations don’t take it seriously, they should expect greater leaks from disloyal employees and contractors who don’t like what they see.
Love them or hate them, WikiLeaks serves a purpose in that they should act as a warning to all who have data that needs protecting and defending.