"The WikiLeaks Twitter account displays the messages, "We are currently under another DDoS attack," and "DDoS attack now exceeding 10 Gigabits a second," which dwarfs the 2-4 Gbps attack perpetrated by self-proclaimed "patriot hacker" known only as The Jester (th3j35t3r)..."
* * *
Infamous anti-jihadi hacker The Jester (th3j35t3r) is claiming responsibility for a denial of service attack (DoS) attack that temporarily disabled the WikiLeaks website just hours before the release of thousands of classified documents.
WikiLeaks, the secret-sharing website led by fugitive founder Julian Assange, has been plaguing the U.S. government with repeated postings of leaked materials.
The WikiLeaks Twitter account carried the message, "We are currently under a mass distributed denial of service attack," for several hours on Sunday.
The Jester Tweeted that he was carrying out the attacks, "for attempting to endanger the lives of our troops, 'other assets' & foreign relations..."
During the WikiLeaks website outage, The Jester's Twitter page indicated that he was conducting the denial of service attack, although several of the Tweets have since been deleted.
The following screenshot shows the missing messages:
Earlier this year, I conducted several interviews with The Jester regarding his repeated attacks against militant Islamic websites, including successful disruptions of sites administered by the Taliban and by Iranian President Mahmoud Ahmadinejad.
DoS attacks are nothing new, and are usually perpetrated by flooding a target server with simultaneous communications through a number of different techniques, but The Jester has developed a method that represents a new twist on the tactic.
He employs an innovative tool he calls XerXeS, which can produce an automated DoS attack without relying on an army of zombie computers controlled through a botnet, and the attack can be carried out with one low-spec computer.
"Okay it started with a little script I wrote a while back to harden-test servers," The Jester told me in February.
"I modified this script, and it was just a nasty script, very cumbersome. When I realized the extent of the jihad online recruiting and co-ordination involvement (much later), I realized I could turn this script into a weapon."
"XerXes requires no zombie network or botnet to be effective. Once a single attacking machine running XerXeS has smacked down a box, it's down, there is no need for thousands of machines. But, XerXeS does not hurt intermediary nodes along its path to the target. So the answer is that such institutions’ systems would still be intact, as it causes no collateral damage, just not functional."
I witnessed several live demonstrations of XerXeS capabilities, and The Jester subsequently supplied Infosec Island with two exclusive videos of the technique in action:
The videos show the high level of control XerXeS commands, as The Jester is able to take down a target website in a matter of minutes, and return the website to an operable state in seconds.
"Many people worry about the nodes between me and the target. This technique affects nobody but the intended target. All intermediaries remain unaffected," The Jester stated.
Now it appears The Jester is not limiting his attacks to militant jihadi websites, and has decided to unleash the wrath of XerXeS on the WikiLeaks outlet.
The bulk of the documents to be posted by WikiLeaks were previously provided to several news agencies, so the disruption to the WikiLeaks website would not have prevented the release of the so-called "Embassy" documents.
The classified data dump is supposed to contain diplomatic communications that reveal some unflattering statements from U.S. officials regarding the leadership of several allied nations, as well as information on international hot spots like North Korea, Iran and Iraq.
Denial of service attacks can take down a website for several hours or even days, and the tactic is becoming more widely used in attempts to censor information and further political agendas.
The majority of servers deployed in the public and private sectors are susceptible to such attacks, and preventative measures to thwart DoS vulnerabilities can be expensive to implement.
When I asked The Jester why he conducts the attacks and how he chooses his targets, he explained, "There is an UNEQUAL amount of good and bad in most things, the trick is to work out the ratio and act accordingly."
* * *
Infosec Island is a vendor-neutral professional community committed to serving the needs of SMBs and mid-market enterprises, and large corporations across multiple industries, government agencies, educational organizations, legal, financial, and healthcare sectors. Membership is free.