Eurocommissaris Kroes (Digitale Agenda): WikiLeaks dwingt overheden transparanter te zijn (en)
EUOBSERVER i / BRUSSELS - The WikiLeaks disclosure of US diplomatic cables highlights the need to secure networks and individuals from hackers, EU digital agenda commissioner Neelie Kroes i has said.
At the same time, the phenomenon stresses the need for governments to be "as transparent and open as possible," which entails the "practical advantage" of reducing the amount of information that needs to be secured, she declared.
Speaking out almost three weeks after the whistleblower started publishing the leaked US cables, Ms Kroes on Thursday (16 December) during a joint US-EU cybersecurity event in Washington drew the first lessons for the EU from the Wikileaks phenomenon.
The 69-year old Dutch politician distinguished between three security incidents regarding WikiLeaks: first, the leak itself, believed to be acquired by a 22-year old US army soldier who copied all the documents onto a CD which he allegedly brought into his office to listen to pop singer Lady Gaga.
"From a cyber-security angle, this highlights the need for all organisations and individuals to protect themselves against threats to steal confidential information," Ms Kroes said.
But she also stressed the need for governments to be "as transparent and open as possible."
"I think that is an important value, but it also has a major practical advantage: it reduces the amount of information that requires special protection," the Dutch Liberal said.
On WikiLeaks being subsequently ousted from the US-basned servers and its domain name being taken down by the US company DNS, Ms Kroes asked the question if these providers "violated the terms of service" and if their location (on US soil) contributed to the decision.
"When problems arise with globally distributed services all private operators and public authorities should be able to act with some legal certainty," Ms Kroes cautiously told the US audience.
The third incident were the "hacktivist attacks" on WikiLeaks and then on sites like Amazon, Paypal and Visa in retaliation for these companies having denied service to the whistleblower. The term 'hacktivist' refers to online volunteers who allowed their computers to be used as bots - zombie computers used in mass-scale attacks which jam traffic to the website.
"A hacker called Jester mounted a denial of service (DoS) attack against the Wikileaks website. Later, in support of WikiLeaks, the group Anonymous distributed a software (LOIC) to mount voluntary distributed denial of service (DDoS) attacks against Visa, Paypal and governmental sites," Ms Kroes recalled.
As the number of computers used in the attacks was apparently only a few hundreds, the commissioner noted that "such attacks can be organised by just a few" and also that most of these owners voluntarily gave access to their computers.
"However, the "victim" services have also proved quite robust and agile, which demonstrates the resilience of the cloud architectures we have in place," she said.
As a consequence, the EU was now looking at criminalising the setting up of botnets and attacking information systems, she said. Also, the commission was aiming at rendering more effective justice and police cooperation in the cyber-area.
Meanwhile, in London, WikiLeaks founder Julian Assange has finally left police custody, after his bail was approved following the rejection of a Swedish appeal. While Swedish prosecutors are pursuing an alleged sexual abuse case, US authorities are also mounting a spying case against him, his lawyers said.