WikiLeaks founder Julian Assange has been sitting in a London prison for a year and is waiting for extradition to the USA. This week, the U.S. Department of Justice piled up more hacking conspiracy allegations against him, all related to his more than 10-year history of leading an organization that has exposed countless government and corporate secrets to the public. But in Assange's absence, another group started where WikiLeaks left off – and is also looking for new fights.
In the past year and a half, a small group of activists known as Distributed Denial of Secrets or DDoSecrets has quietly but steadily released a stream of hacked and leaked documents, from emails from Russian oligarchs to stolen messages from Chilean military leaders peeling corporate databases . At the end of last week, the group triggered its best known leak so far: BlueLeaks, a 269 gigabyte collection of more than a million police files, made available to DDoSecrets by a source associated with the hacktivist group Anonymous and emails, Audio files and interagency memos largely include law enforcement agencies drawn "fusion centers" that serve as hubs for information exchange. According to DDoSecrets, it is the largest publication of hacked US police data to date. It could put DDoSecrets on the map as the heir to WikiLeaks' mission – or at least as the mission it stuck to in its earlier, more idealistic years – and as the legacy of its endless battles against critics and censors.
"Our job is to archive and publish leaked and hacked data of potential public interest," wrote group co-founder Emma Best, a longtime transparency activist, in an SMS interview with WIRED. "We want to inspire people to report and publish accurate information regardless of their source."
Gun battle time
In another message, Best summarizes this mission in a Latin phrase that better captures the controversial nature – and inherent controversy – of DDoSecrets' work: "Veritatem cognoscere ruat cælum et pereat mundus". The slogan best translates: "Know the truth, even though the sky can fall and the world can burn."
The firefight has already started for DDoSecrets. On Tuesday evening, as media attention increased in connection with the publication of BlueLeaks, Twitter blocked the group's account and referred to a policy that hacked information should not be published. The company took an even more drastic step: removing tweets pointing to the DDoSecrets website, which maintains a searchable database of all leaks, and blocking some accounts from linking to the group's material.
According to Best, DDoSecrets, an addressless organization whose budget is mostly donated, is still planning an answer and the best way to publicize their leaks – possibly switching to Telegram or Reddit – but has no intention of doing so Prohibition to stop their work. "& # 39; Too dangerous for Twitter & # 39; is a Nixon shit that I wasn't expecting," says Best.
Right from the start, DDoSecrets was characterized by its willingness to publish not only the same types of raw data and hacked files that WikiLeaks has published for years, but also some that WikiLeaks itself has rejected. The group's first major release after its formation in late 2018 was a 175-gigabyte cache of Russian email, which contained a collection of communications from Russian political leaders and oligarchs from the Russian Interior Ministry to the arms exporter Rosoboronexport, provided by the Russian hacktivist group Sholtai Boltai along with other unknown sources.
WikiLeaks had received, but declined to publish some of the same documents as foreign policy revealed in 2017, saying it "rejects submissions that have already been published elsewhere or are likely to be considered insignificant". When DDoSecrets released the entire Russian collection in early 2019, the New York Times covered the document dump as a kind of counter-attack to the Kremlin's hacking and leaking operations aimed at the 2016 elections.
Six months later, DDoSecrets returned with # 29 Leaks, a collection of 15 years of hacked email from Formations House, a London-based finance company that helped create shell companies. These shell companies were tied to allegations of money laundering, including by arms dealers, car smugglers and the overthrown Ukrainian President Viktor Yanukovych.
A few months later, the pseudonymous hacktivist Phineas Fisher announced that he had broken into the network of Cayman National Bank and Trust, another player in the world of offshore banking. Fisher gave DDoSecrets the resulting 2 terabyte treasure of stolen data. The files revealed, among other things, how the former head of Azerbaijan's national security agency used allegedly misappropriated money to buy British real estate. According to DDoSecrets & # 39; Best, journalists are still dealing with the huge data set today.
With BlueLeaks, however, DDoSecrets has released a large leak of files from US organizations for the first time, which increases its use. Campaigners and journalists immediately found evidence that the FBI had been monitoring protesters' social accounts on behalf of local law enforcement agencies and tracking Bitcoin donations to protest groups. The leak also contains personally identifiable information about police officers and even bank details – although, according to Best BlueLeaks, has attempted to edit all identifiable victim information – which has caused controversy over the release and has undoubtedly contributed to the group's Twitter ban. (Twitter did not respond to a request for comment.) "The public has an interest in the identity of officials," Best writes.
This up-to-the-minute revelation, precisely tailored to police protests worldwide after George Floyd's murder, shows how the organization is developing, says Birgitta Jonsdottir, a former member of WikiLeaks and the Icelandic Parliament, who is now an adviser to DDoSecrets. "They remind me of the people who risked a lot for WikiLeaks back then," says Jonsdottir. "There has been a vacuum for a long time. I'm just glad that this is taking off with this very important leak at this point."
Learn from others' experiences
But Best, who identifies with the pronouns, says that DDoSecrets learned from the mistakes and successes of WikiLeaks. Best has worked with WikiLeaks in the past – the relationship was complicated; Best later released a treasure trove of the group's own leaked chats in 2018 – and points to a long list of WikiLeaks' s missteps: publication of materials without permission from a source, such as were found when e-mails were leaked from the Internet, government party of the Turkish Government; inexplicably refuse to publish leaked files, such as the Russia dump that DDoSecrets later published; or add unnecessary editorial twist to documents, as WikiLeaks argues with the Vault7 leak from CIA secrets.
Best of all, Error Assange specifically for trying to hide the fact that certain government-sponsored hackers provide documents when he suggested that the National Democratic Committee and Clinton Campaign documents may have come from the murdered Clinton employee Seth Rich . In fact, Russian military intelligence hackers stole the documents and made them available to WikiLeaks. According to Best, DDoSecrets are not afraid to publish files stolen by government-sponsored hackers if they are of genuine public interest. However, these documents are clearly identified as government-sponsored hackers, if DDoSecrets can determine them, and are kept on a portion of the website devoted to government hacking spoils. "Valid information is valid regardless of the source," says Best. "But the source is an important context."
DDoSecrets also takes a completely different approach to protecting the anonymity of sources than WikiLeaks. No WikiLeaks-style delivery system is hosted on a server protected by Tor anonymity software, as WikiLeaks and most other leaky websites did. Best says they don't really believe that DDoSecrets, an organization with no physical presence or headquarters, could adequately protect a physical server running an anonymous delivery system like SecureDrop. Instead, the group simply provides sources like Tor and the anonymous, short-lived operating system Tails with a list of recommendations for security tools and a variety of ways to reach them via an encrypted message.
The approach suggests that the group sees principled hackers as core sources rather than non-technical leaks or whistleblowers within companies, says Gabriella Coleman, a hack-focused anthropologist at McGill University who wrote a pioneering book on the hackivist group Anonymous has and is friendly with some DDoSecrets employees. The group's name, a reference to the distributed denial of service cyber security term, and its relationship with Phineas Fisher also indicate an intended target group of hackers. "With such a name, it signals a certain message to the hacker and hacktivist world in which they have certain relationships," says Coleman. "They like to accept leaks from whistleblowers, but they come from the hacking world. They will be very well positioned to take leaks from more progressive hackers." (Best declined to comment on the group's sources or which fraction are inside leakages to external hackers.)
Perhaps most importantly, according to DDoSecrets, the personality cult that has formed around Julian Assange should be avoided. The WikiLeaks guide had exercised almost monarchical rule before being charged with a computer hacking conspiracy and arrested last spring at the Ecuadorian embassy in London where he applied for asylum. According to Best, DDoSecrets is moving in the direction of a "co-op" model with a "horizontal structure" of leadership, with no one responsible for leading the group.
Former WikiLeaker Jonsdottir, who both criticized Assange and asked for support after his arrest, believes that this time will be different. "I don't see anyone in the organization who can be told the stories of Assange, a mysterious superhero," says Jonsdottir. "As Tina Turner said, we don't need another hero."
The Twitter ban after the release of BlueLeaks is a setback for the group. But Jonsdottir says it also shows the importance of the work they do. "You will definitely rise above it," says Jonsdottir. "Someone entrusted them with a massive leak at a critical time. And I'm excited to see if it will help to produce more of it."
This story originally appeared on wired.com.