December 11, 2010
He is one of the newest recruits to Operation Payback. In a London bedroom, the 24-year-old computer hacker is preparing his weaponry for this week's battles in an evolving cyberwar. He is a self-styled defender of free speech, his weapon a laptop and his enemy the US corporations responsible for attacking the website WikiLeaks .
He had seen the flyers that began springing up on the web in mid-September. In chatrooms, on discussion boards and inboxes from Manchester to New York to Sydney the grinning face of a Guy Fawkes mask had appeared with a call to arms. Across the world a battalion of hackers was being summoned.
"Greetings, fellow anons," it said beneath the headline Operation Payback. Alongside were a series of software programs dubbed "our weapons of choice" and a stark message: people needed to show their "hatred".
Like most international conflicts, last week's internet war began over a relatively modest squabble, escalating in days into a global fight.
Before WikiLeaks, Operation Payback's initial target was America's recording industry, chosen for its prosecutions of music file downloaders. From those humble origins, Payback's anti-censorship, anti-copyright, freedom of speech manifesto would go viral, last week pitting an amorphous army of online hackers against the US government and some of the biggest corporations in the world.
Charles Dodd, a consultant to US government agencies on internet security, said: "[The hackers] attack from the shadows and they have no fear of retaliation. There are no rules of engagement in this kind of emerging warfare."
The battle now centres on Washington's fierce attempts to close down WikiLeaks and shut off the supply of confidential US government cables. By Thursday, the hacktivists were routinely attacking those who had targeted WikiLeaks, among them icons of the corporate world, credit card firms and some of the largest online companies. It seemed to be the first sustained clash between the established order and the organic, grassroots culture of the net.
But the clash has cast the spotlight wider, on the net's power to act as a thorn not only in the side of authoritarian regimes but western democracies, on our right to information and the responsibility of holding secrets. It has also asked profound questions over the role of the net itself.
One blogger dubbed it the "first world information war".
At the heart of the conflict is the WikiLeaks founder, the enigmatic figure of Julian Assange – lionised by some as the Ned Kelly of the digital age for his continued defiance of a superpower, condemned by his US detractors as a threat to national security.
Calls for Assange to be extradited to the US to face charges of espionage will return this week. The counteroffensive by Operation Payback is likely to escalate.
The targets include the world's biggest online retailer, Amazon – already assaulted once for its decision to stop hosting WikiLeaks-related material – Washington, Scotland Yard and the websites of senior US politicians. There is talk of infecting Facebook, which last week removed a page used by pro-WikiLeaks hackers, with a virus that spreads from profile to profile causing it to crash. No one seems certain where the febrile cyber conflict will lead, only that it has just begun.
At 9.15am last Tuesday a thin, white-haired figure left the Frontline Club, the west London establishment dedicated to preserving freedom of speech, and voluntarily surrendered to police. After two weeks of newspaper revelations concerning countries from Korea to Nigeria, and figures such as Silvio Berlusconi and Prince Andrew, a warrant for Assange's arrest had just been received by British police. It was from Swedish prosecutors eager to question him on unrelated allegations of rape.
The response to WikiLeaks' cable release had been savage, particularly in the US. Mike Huckabee, a former Arkansas governor, said those who passed the secrets to Assange should be executed.
Sarah Palin demanded Assange be hunted in the same way an al-Qaida operative would be pursued. The US attorney general Eric Holder ordered his officials to begin a criminal investigation into Assange with the intention of putting him on trial in the US. News of his arrest, even on unrelated charges, pleased the US authorities. "That sounds like good news to me," said Robert Gates, US secretary of defence.
Yet even as Assange prepared to appear in a London court last week, an unlikely alliance of defenders had begun plotting to turn on the forces circling WikiLeaks. They were beginning to attack Amazon, which had been persuaded to sever links with WikiLeaks by Joe Lieberman, who heads the US Senate's homeland security committee; they also hit every domain name system (DNS) that broke WikiLeaks.org's domain name: Mastercard, Visa and Paypal, which stopped facilitating donations to the site, and the Swiss post office which froze WikiLeaks' bank account.
Operation Payback was hitting back alongside a fledgling offshoot, Operation Avenge Assange, both operating under the Anonymous umbrella. These are a loose alliance of hackers united by a near-obsessive desire for information libertarianism who congregate on the website 4Chan.org.
The cyberwar did not only involve obvious symbols of authority, though. For days, from their darkened chatrooms, the Anonymous ones had been watching a hacker called the Jester who seemed to be co-ordinating a series of attacks on internet service providers hosting WikiLeaks.
They had noticed the Jester's pro-censorship credentials, deducing he must be receiving help.
Speculation mounted that the Jester was a shadowy conduit working at the behest of the US authorities. "We wondered who was really behind his anti-WikiLeaks agenda," said a source.
Attempts to railroad WikiLeaks off the net quickly failed. Removing its hosting servers has increased WikiLeaks' ability to stay online. More than 1,300 volunteer "mirror" sites, including the French newspaper Libération , have already surfaced to store the classified cables. Within days the WikiLeaks web content had spread across so many enclaves of the internet it was immune to attack by any single legal authority.
In some respects, WikiLeaks has never been safer or as aggressively defended. As Assange was remanded in custody and taken to Wandsworth jail, Anonymous vowed to "punish" the institutions that had axed links with the website under pressure from the US authorities. The websites of Visa, Mastercard and PayPal were brought down; so too the Swedish government's.
One Anonymous hacker said: "I've rambled on and on about the 'oncoming internet war' for years. I'm not saying I know how to win. But I am saying the war is on."
Unsurprisingly, the timing of Assange's arrest and aspects of Sweden's initial handling of the sexual allegations prompted his lawyer Mark Stephens to denounce the moves as politically motivated. A computer hacker himself, Assange, 39, achieved both instant notoriety and adulation when WikiLeaks published batches of damaging US files relating to the Afghan war in July. This fame led him to Stockholm a month later to deliver a lecture entitled: "Truth is the first casualty of war." It was a sellout. One leftwing commentator likened it to "having Mick Jagger in town".
That night – 14 August – Assange stayed with the conference organiser at her flat in Södermalm, a former working class area of the city centre that has become Stockholm's equivalent of London's Islington. Three days later, in keeping with his habit of regularly changing addresses, Assange stayed in Enköping, a town 100 miles from Stockholm, with another woman who had also attended his lecture on the importance of truth in a war zone.
Assange left Sweden on 18 August and the women went together to the police the next day. According to Claes Borgström, their lawyer, the women did not know each other before going to the police. Initially, he said, the women wanted some advice, but the police officer concluded a crime had been committed and contacted the duty public prosecutor.
In court last week Assange was alleged to have had sex with unlawful coercion with a woman who was asleep and to have sexually molested the other by having sex without a condom.
In Sweden, among the country's community of hackers and left-leaning political activists, the timing is viewed as coincidental rather than conspiratorial.
"The Americans are very lucky indeed that Assange screwed around in Sweden, a society which takes rape allegations very seriously,'' said Åsa Linderborg, culture editor of the leftwing Aftonbladet tabloid. Film-maker Bosse Lindquist, whose WikiLeaks investigation will be broadcast on Swedish TV tonight, and who has spent many hours with Assange over the past few months, said Assange's attitude to women did not seem in any way striking.
"If you look at the two prosecutors involved in investigating the rape allegations, they are not types you would imagine bowing to any kind of pressure from, say, the Swedish government or the United States.''
A senior civil servant, who requested anonymity, also dismissed allegations of political plotting against Assange, arguing that Swedish culture is often misunderstood. "Swedes do not have an iconoclastic tradition in which you build people up then demolish their reputations. Even when people are celebrities, we accept that they may have questionable private lives. Swedes are capable of seeing the advantages of WikiLeaks while conceding that Assange may have unsavoury morals between the sheets.''
Linderborg, though, says there is a widespread sense in Sweden that Assange's rise to fame fuelled his libido and ego.
"Plenty of women are attracted by his underdog status and the supposed danger of spending time with him. He has several women on the go at once. One person told me he screws more often than he eats,'' Linderborg said.
Of course, given the nature of the web, the allegations have triggered a series of attacks on both women's characters with lurid claims of "women who cry rape" and "bitches trying to send an innocent man to prison".
Those monitoring the chatrooms used by Operation Payback say its hackers have set aside the sexual allegations, instead concentrating their efforts on amassing greater potency for the next phase of the WikLeaks fightback. The weapons deployed last week were "denial of service" attacks in which online computers are harnessed to jam target sites with mountains of requests for data, knocking them out of commission.
The initial attacks against the Swiss PostFinance required about 200 computers, according to one Anonymous source. Yet within a day hackers were able to recruit thousands more pro-WikiLeaks footsoldiers. By the time the Visa and Mastercard websites were disrupted last Wednesday, close to 3,000 computers were involved.
Anonymous leaders began distributing software tools to allow anyone with a computer to join Payback. So far more than 9,000 users in the US have downloaded the software; in second place is the UK with 3,000. Germany, the Netherlands, Canada, France, Spain, Poland, Russia and Australia follow with more than 1,000. The 11th country embroiled in the attacks is Sweden, where WikiLeaks's massive underground servers are housed, with 75 downloads.
Sean-Paul Correll, a cyber threat analyst at Panda Security, who has monitored Operation Payback since its conception, said it was impossible to "profile" those involved. "They are anonymous and they are everywhere," he said. "They have day jobs. They are adults and kids. It is just a bunch of people." Middle-class professional members working alongside self-styled anarchists.
Ostensibly, Anonymous is a 24-hour democracy run by whoever happens to be logged on; leaders emerge and disappear depending on the target that is being attacked and the whims of members. Correll said: "This group does not exist with some sort of hierarchy. It exists with a few organisers but these can change at any time. That gives the group great power in that it is impossible to trace and define. At the same time it is also a source of weakness as its actions can be unfocused."
Ideas are floated on internet bulletin boards, whose location moves daily to evade detection. Ultimately a proposal hits a democratic "tipping point" and action is taken.
A major test of Payback's mounting firepower will be Amazon, given the size of its servers. The attempt to attack the site last Thursday was half-hearted, but nevertheless audacious. Now sources estimate they would need between 30,000 and 40,000 computers to hurt Amazon and there is a growing feeling among hacktivists that it could happen. If it does, the retailer could lose millions of dollars during the Christmas season.
So far, though, most of the attacks have been principally designed to register protest rather than destabilise companies financially, opting for their public websites rather than their underlying infrastructure.
Two of the internet's most important social networking sites – Twitter and Facebook – are also becoming targets of elements within Anonymous.
Twitter upset hackers last week by removing the Anonymous account – which had 22,000 followers – amid speculation that it was preventing the term #wikileaks appearing on its trending topics. The Anonymous page on Facebook was removed for violating its conditions, a move that has similarly annoyed a cohort of hackers. Both Facebook and Twitter have won praise in recent years as outlets for free speech, yet both also harbour corporate aspirations that hinge on their ability to serve as advertising platforms for other companies.
Their use by Anonymous to direct people planning attacks has, according to many analysts, placed both in a difficult position. Facebook, which still has sites eulogising murderer Raoul Moat and Holocaust deniers, said it drew the line on groups that attack others, a bold move considering the site's WikiLeaks page boasts more than 1.3 million supporters. Any evidence that both sites yielded to US pressure and the gloves would be off. So too for any organisation that yields to American demands over WikiLeaks.
Evgeny Morozov, author of The Net Delusion , a book which argues the internet has failed to democraticise the world successfully, believes the attacks are already viewed by Washington "as striking at the very heart of the global economy".
Another emerging target in the weeks ahead is the US government itself. For a brief time last Tuesday, senate.gov – the website of every US senator – went down. Cyberguerillas claim it is a possible sign of things to come.
The trajectory of the WikiLeaks controversy is almost impossible to predict. On Tuesday Assange will attend his next bail hearing. Although supporters have stumped up £180,000, it is expected bail will be refused, pending a full hearing of Sweden's extradition request. However his lawyer may also reveal fresh claims of US interference in the saga.
Regardless of the fate of its founder, WikiLeaks will continue releasing declassified cables. At the moment only several hundred of 250,000 cables have been publicised.
Analysts now describe the organisation's structure as a "networked enterprise", a phrase that has been used in the past in relation to al-Qaida.
For all the US attempts, it is clear the attacks on WikiLeaks have made minimal impact and are unlikely to affect the availability of the information that WikiLeaks has already leaked.
Meanwhile, Senator Lieberman has indicated that the New York Times and other news organisations using the WikiLeaks cables may be investigated for breaking US espionage laws. At present, who will win the "world's first information war" remains unclear.
Morozov said: "There will be many more people from the CIA and NSA [National Security Agency] hanging out around them."
But the conflict increasingly seems likely to target the real profits of US corporations. Today a 24-year-old from London will ready his weapons for the battle ahead.