Gawker.com was one of the first big success stories of online media: as a Web log (rather than a Web site associated with a legacy print publication) covering New York's media and celebrity culture, it demonstrated the power of social media, as well as its commercial viability, with rapid growth after its debut under owner Nick Denton and founding editor Elizabeth Spiers back in 2003. Sister sites like Jezebel and Gizmodo did the same for fashion and gadgetry, respectively. Thus it is ironic that this pioneering social media site should be brought to a standstill by social media, through social media, and because of social media.
For much of the last day the normally prolific blog was paralyzed by a security breach perpetrated by hackers operating under the alias "Gnosis" (Greek for "knowledge"), according to The New York Times. The hackers claimed to have gained access to user names, emails, and passwords for 1.5 million accounts, either through decryption or simple "brute force" attacks which involve automated guessing. The hackers published key parts of Gawker's proprietary code as well as information for some Gawker staff member accounts, noting that thousands of members had simply chosen "Password" as their password. Adding insult to injury, the hackers further publicized the invasion by hijacking Gizmodo's Twitter account and laying out some additional details of the breach.
In statement posted on Gawker Media sites advising users to change their passwords, the company issued this mea culpa: "We're deeply embarrassed by this breach. We should not be in the position of relying on the goodwill of the hackers who identified the weakness in our systems. And, yes, the irony is not lost on us."
So who's behind the attacks? No one can say for sure, but some likely suspects include members of the 4chan online forum and the hacking collective known only as Anonymous. Gawker had been critical of 4chan in the past, and may have fallen afoul of Anonymous for criticizing Julian Assange and his controversial WikiLeaks Web site; according to the Village Voice, one of the tweets on the hacked Gizmodo Twitter account voiced support for WikiLeaks.
Coming just days after concerted attacks by Anonymous on the Web sites of credit card companies which shut down WikiLeaks fundraising accounts, the attack on Gawker.com makes it abundantly clear that the Web is still very much a "Wild West" environment. Vigilantes and outlaws can still outmaneuver the forces of law and order (at least temporarily, and long enough to achieve their aims) because security measures intended to protect privacy and property remain vulnerable to individuals with the right technical skills. As a result, large numbers of ordinary Internet users can be victimized by small, committed groups of cyber-bandits who enjoy the advantages of stealth and an informal, de-centralized organizational structure.
The implications for online media of all types, including social media, are dire: if a popular and well-known Web site can be breached this way, is there any reason for confidence in the security measures employed by much larger sites like Facebook and Google? Yes, these companies will reassure users and advertisers they have taken abundant precautions -- but who's to say these aren't vulnerable to even more sophisticated hackers (especially if they're drawing on the resources of a corporate rival or nation state)?