While WikiLeaks was implying that there was a government conspiracy to shut it down over the weekend, it is starting to look like the denial of service attack against it was a little overstated.
Insecurity experts who monitored the disruptive traffic say the attack was relatively modest. While WikiLeaks’ main web address and its “cable gate” site were unreachable, it was hardly the “mass distributed denial-of-service attack” the organisation claimed.
Arbor Networks, which analyzes malicious network traffic crossing the internet’s backbones, said that the DDoS generated between 2 and 4 Gbps of disruptive traffic.
Jose Nazario, a senior security researcher at Arbor, told Wired that a real mass DDoS attack would have hit the outfit for 60 to 100 Gbps. The network that hosted WikiLeaks can manage 12 to 15 gigs per second, so 2 to 4 gigs on top of that is not much.
What probably hurt WikiLeaks more was that a staff rebellion against Julian Assange’s rule cost the organisation a key technical volunteer responsible for its complex bulletproof backend.
The volunteer had set up a censorship-resistant system that decoupled WikiLeaks’ document archives from its public internet IP addresses. If it was attacked, the site could jump back to life within an hour.
The volunteer resigned in September, along with spokesman Daniel Domscheit-Berg and other staffers, and took a lot of software with him. WikiLeaks was offline ever since.
Despite all this, WikiLeaks was able to recover from Sunday’s DDoS attack relatively swiftly. It redirected its web addresses to cloud servers in France and Ireland and announced a functional “cable gate” site shortly after 4PM. It took about six hours, which was not bad considering.
Hacktivist “Jester” has taken credit for the DDoS. He has attacked websites said to be linked to radical Islam. He claimed that WikiLeaks was threatening the lives of “our troops and ‘other assets’.”