Cyber Incident Victim: Anonymous
Date:
Nov 2016
Location:
United States of America
Summary
WikiLeaks experienced a targeted distributed denial-of-service (DDoS) attack following its publication of over 8,000 additional Democratic National Committee emails, causing temporary service disruption and prompting an internal investigation. The incident occurred near the US presidential election, amid prior releases of internal party communications that revealed preferential treatment toward Hillary Clinton during the primary campaign. Julian Assange attributed the cyberattacks—which included both DDoS and attempted intrusions—to entities aligned with the Washington establishment, while analysts linked the original DNC data breach to a persona suspected of being a Russian intelligence front. Both WikiLeaks and Russian officials denied involvement in the email leaks.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On November 7, 2016, WikiLeaks reported experiencing a targeted distributed denial-of-service (DDoS) attack against its email publication servers, occurring less than 24 hours after releasing over 8,000 emails from the Democratic National Committee (DNC). This incident followed a prior release of approximately 50,000 emails from Hillary Clinton campaign aide John Podesta, published just days before the U.S. presidential election. WikiLeaks first alerted its followers via social media on the morning of November 7, stating its website had been briefly down—a rare occurrence—and that it was investigating. Later updates confirmed a sustained DoS attack specifically targeting its email publication infrastructure following the #DNCLeak2 release. Julian Assange attributed the attack to "forces aligned with the DC establishment," alleging both DDoS and attempted hacking operations aimed at disrupting WikiLeaks' operations during this critical period. The organization did not disclose technical specifics of the attack vectors or mitigation measures beyond acknowledging the disruption.
The DNC email releases exposed internal party communications, including evidence of preferential treatment toward Hillary Clinton over Bernie Sanders during the primary elections and strategic preparations for media engagements. One notable email from April 25, 2016, revealed DNC staff compiling suggested interview questions for a CNN segment with Donald Trump. While Guccifer 2.0 claimed responsibility for providing the hacked DNC data to WikiLeaks, cybersecurity analysts assessed this persona likely served as a front for Russian intelligence operations. Both WikiLeaks and the Russian government denied involvement in the original DNC breaches. The Clinton campaign responded preemptively to anticipated leaks, with communications director Jennifer Palmieri warning on November 6 about potential fake disclosures, prompting a public rebuttal from WikiLeaks accusing the campaign of dishonesty. The attacks occurred amid heightened tensions over election interference allegations, though the DDoS incident did not prevent continued public access to the published documents.