PayPal Caves and Releases WikiLeaks Funds; Who's Next?

Score one for the hacktivists: PayPal (EBAY) has caved to cyberattackers who support WikiLeaks. The online payment company released funds it had held back since last Friday. The lesson? When you find the right point of pain, intimidation can go a long way. The question is who else will crack? And is this just a sign of things to come?

Right now, activist hackers are using their Operation Payback infowar to attack institutions and people they saw as hostile to WikiLeaks and its founder, Julian Assange. They brought down the site of MasterCard (MC) and Visa (V) as well. for restricting accounts and affecting the organization's ability to raise and collect funds. Amazon (AMZN) is a likely target, as payback for kicking WikiLeaks off its cloud hosting service.

Now that the hacktivists have scored a first victory, the question is: how many, if any, of the other targets will fold? PayPal likely used the money as a peace offering, but even it hasn't returned the account to normal status. This amount of direct pressure from the federal government is difficult for a corporation to ignore. However, seldom do things reach such a state. Could it be that, going forward, hacktivists taking action on far less high-profile cases will find companies far more receptive to give in and get back to work? After all, this type of cyber arm twisting has been around for years, only out of the public eye.

Government pressures PayPal

PayPal was one of several channels that WikiLeaks used to gather funds. On December 3, PayPal issued a brief statement that it had locked out WikiLeaks:

PayPal has permanently restricted the account used by WikiLeaks due to a violation of the PayPal Acceptable Use Policy, which states that our payment service cannot be used for any activities that encourage, promote, facilitate or instruct others to engage in illegal activity. We've notified the account holder of this action.

Although PayPal tried to portray the action as simply following its usual policies, there was additional impetus: quiet pressure from the U.S. State Department, which had alleged that WikiLeaks was breaking the law, even though it has not publicly made clear which U.S. laws the whistleblowing site was breaking.

Cyberattack worries

One of the signs that you're a successful payments company is that hackers start to target you, this case isn't anything different.

Sometime Thursday, PayPal had changed its mind and released the WikiLeaks funds, although it did not reinstate the account. And the company took pains to try and create a nuanced statement by General Counsel John Muller to show that it wasn't giving in to hackers:

We understand that PayPal's decision has become part of a broader story involving political, legal and free speech debates surrounding WikiLeaks' activities. None of these concerns factored into our decision. Our only consideration was whether or not the account associated with WikiLeaks violated our Acceptable Use Policy and regulations required of us as a global payment company. Our actions in this matter are consistent with any account found to be in violation of our policies.

Online protection rackets

The lesson? Organized groups really can interrupt your operations. In August 2009, a series of attacks affected Facebook, Twitter, and Google. Spending adequate money on computer security isn't a black hole when you consider the financial implications of hours of outage.

Related:

• WikiLeaks Cyberwar! Business Is a Target -- and Also Collateral Damage
• Twitter vs. WikiLeaks: Algorithms Are Uncontrolled Corporate Spokespeople
• WikiLeaks Puts Corporations on Red Alert. First Responders: The Lawyers
• The Wrong WikiLeaks Lesson: Clamp Down on Info Sharing
• WikiLeak vs Bank of America: How to Maintain Morale Amid A PR Crisis
• Bank of America is Not the Only Company that Should Fear WikiLeaks