Wikileaks: the survival lessons

Wikileaks: the survival lessons

Summary: WikiLeaks has been hit with denial-of-service attacks. Service providers have pulled the plug, from Amazon Web Services and PayPal to its DNS provider.

SHARE:
TOPICS: Cloud, Security
1

Wikileaks has been hit with denial-of-service attacks. Service providers have pulled the plug, from Amazon Web Services and PayPal to its DNS provider. Yet it survives.

Whether you agree with its plan to release vast quantities of secret documents or not, it's an excellent case study. What are the lessons for you and your business?

"[T]he attack of WikiLeaks ought to be a wake-up call for anyone who has rosy fantasies about whose side cloud computing providers are on. The Terms and Conditions under which they provide both 'free' and paid-for services will always give them grounds for dropping your content if they deem it in their interests to do so," wrote John Naughton, an Irish journalist, academic and internet commentator now based in the United Kingdom. "Put not your faith in cloud computing: it will one day rain on your parade."

In Patch Monday this week, we talk to a panel of guests about what Wikileaks is doing to survive and how it might apply to any business, as well as speculate on what might happen in the coming weeks.

Mark Newton is a network engineer with a major Australian internet service provider, and a frequent media commentator on internet matters. He describes Wikileaks' latest strategy for distributing their data as a "bespoke cloud-based CDN [content distribution network] that is enabled by the Streisand Effect".

Crispin Harris is an information security specialist, currently working with one of Australia's largest resources companies. He's previously told ZDNet Australia that the main risks you need to manage with cloud computing are about getting the contracts right. He sees Wikileaks' challenge as an exercise in business continuity planning.

And Benno Rice is a "platform architect", planning the infrastructure for large-scale web applications. He sees the process of assessing the risks against applications as being similar to security testing — finding out where there's weakness and covering for it.

As usual, Patch Monday also includes our random look at the week's IT news.

To leave an audio comment for Patch Monday, Skype to stilgherrian, or phone Sydney 02 8011 3733.

Running time: 28 minutes, 58 seconds.

Topics: Cloud, Security

About

Stilgherrian is a freelance journalist, commentator and podcaster interested in big-picture internet issues, especially security, cybercrime and hoovering up bulldust.

He studied computing science and linguistics before a wide-ranging media career and a stint at running an IT business. He can write iptables firewall rules, set a rabbit trap, clear a jam in an IBM model 026 card punch and mix a mean whiskey sour.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • Getting the contracts right!!! I couldn't agree more. Transparency from day one and making sure every case scenario is catered for is paramount. I wonder if the US government forcing your site to shut down was in their disaster recovery plan? In Wikileaks business, it should have been. Never the less, this in awesome case study for organisations making a cloud move, and also for those companies already on the cloud to review their contracts.
    cloud_zone