December 17, 2010, 1:11 PM — Headlines to the contrary, the WikiLeaks hacktivist attacks against Visa, MasterCard, PayPal and others last week were relatively small and disorganized, a security expert said.
"Despite the press the attacks received, they were small potatoes," said Craig Labovitz, chief scientist at Chelmsford, Mass.-based Arbor Networks and an authority on the security of the Internet's infrastructure.
In a long post to Arbor's blog earlier in the week, Labovitz compared the scale and sophistication of the pro-WikiLeaks distributed denial-of-service (DDoS) attacks to 5,000 confirmed DDoS attacks during 2010.
Labovitz's conclusion: The WikiLeaks attacks were "unremarkable."
"I'd call this the cyber equivalent of a French trucker's strike," said Labovitz in an interview Thursday. "It certainly wasn't a war, as some headlines have claimed. It was a form of protest, but one with collateral damage."
The DDoS attacks were aimed at sites belonging to Amazon.com, MasterCard, PayPal and the Swiss payment transaction firm PostFinance, apparently in retaliation after each terminated WikiLeaks accounts or pulled the plug on services. Similar attacks targeted sites of U.S. Sen. Joseph Lieberman (I-Conn.) and Sarah Palin, the former governor of Alaska. Both had blasted WikiLeaks for releasing a trove of confidential U.S. State Department cables late last month.
But when Labovitz compared those attacks with statistics compiled by Arbor -- the company supplies anti-DDoS technologies to about 75% of the world's Internet service providers -- he found the WikiLeaks campaigns wanting.
According to Labovitz, neither the round of initial attacks that targeted WikiLeaks itself nor the later retaliatory strikes were massive flooding DDoS or ultra-sophisticated application-level attacks.
"The type of [application level] queries from LOIC were unsophisticated," said Labovitz, referring to a free tool, Low Orbit Ion Cannon , that many of the attack participants used. "A sophisticated attack uses the right order of queries, the right set of API calls to bog down the system." The hacktivist attacks showed no traces of either.
Nor were those attacks massive.