WikiLeaks 'redirected' Web traffic to dodge attack, Ann Arbor firm concludes in analysis
WikiLeaks, the group that released hundreds of thousands of confidential government documents revealing diplomatic secrets this weekend, used a network of "mirror sites" to dodge an attempt by hackers to shut its website down, according to an analysis released this morning by an Ann Arbor company.
Ann Arbor-based Arbor Networks, whose security software monitors Internet traffic for 70 percent of the world's Internet service providers, concluded that WikiLeaks "redirected" an attack from its Swedish hosting service to off-site servers in Ireland to avoid problems.
Arbor Networks chief scientist Craig Labovitz said in a blog post that Arbor's data indicates the so-called "distributed denial of service attack" started at 10:05 a.m. EST Sunday. In such an attack, hackers try to shut down servers by overwhelming them with Web traffic.
Labovitz indicated that Arbor could not pinpoint the source of the attack on WikiLeaks but noted that "governments and vigilante hacker groups" have come under suspicion.
"While the DDOS attack generated an outpouring of blog posts, news articles and tweets, it appears to have had little impact on the WikiLeaks 'Cablegate' disbursement of documents," Labovitz wrote.
The firm is based in Massachusetts but employs about 90 workers at its research-and-development headquarters on South State Street in Ann Arbor. Arbor has said it plans to add about 30 jobs in Ann Arbor by the end of 2011.