For over a year we have received attacks on the site in the form of massive numbers of blog entries being received. They have recently reached a level whereby legitimate blogs are crowded out, effectively blocking criticism against Shell.
EMAIL SENT 11 NOVEMBER 2012 BY JOHN DONOVAN TO MR MICHIEL BRANDJES, COMPANY SECRETARY & GENERAL COUNSEL CORPORATE, ROYAL DUTCH SHELL PLC
From: John Donovan <firstname.lastname@example.org>
Subject: Constant attacks on the website royaldutchshellplc.com
Date: 11 November 2012 15:29:54 GMT
Dear Mr Brandjes
I would like to bring another serious matter to your attention.
I refer to the constant attacks on our website royaldutchshellplc.com.
There are three strands to the activity.
DENIAL OF SERVICE ATTACKS
The first is denial of service attacks where the site is flooded with traffic. We have upgraded our server a number of times in an effort to deal with these attacks, but the scale is such that even our latest high capacity dedicated server has crashed due to massive spikes in traffic, which cannot be due to normal activity.
BLOCKING SHELL BLOG ENTRIES
For over a year we have received attacks on the site in the form of massive numbers of blog entries being received. They have recently reached a level whereby legitimate blogs are crowded out, effectively blocking criticism against Shell. Blog postings arrive every few minutes 24/7 for several days. Then cease for a few days. The time interval between the blogs, during the periods when they are being received, is random. Multiple languages are used including Dutch, Greek, French and mainly English. Different IPS addresses are used for each blog. Different content, mostly nothing to do with Shell or related matters. The amount of text changes on every blog. Sometime just a few lines and sometimes a long screed. Different aliases are used on each posting. One posting contained a threat to hack the site. Despite the machinations, we have evidence that all of the blog activity comes from one source, with clues that the source is located in the Netherlands.
THREATS RELATING TO SAKHALIN ENERGY
We also receive forwarded emails almost every day, sometimes several times per day, from a source relating to Sakhalin Energy. The emails contain multiple languages. In more recent months, this party has also copied the emails to Mr Voser and to senior people at Gasprom, Sakhalin Energy and the UK police. The emails have contained implied threats against us personally arising from our intervention in the Sakhalin2 project. This party also seems to be located in the Netherlands.
We had initially wondered if some or all of the activity was due to mis-identification i.e someone thought they were attacking a Shell website. However, given the amount of time the attacks have gone on and the fact that we personally have been targeted, it seems that possibility can be ruled out.
We do not know if the multi-pronged attacks are co-incidental or coordinated.
Given the 24/7 nature of the blogging activity, it appears that someone has very deep pockets. Someone who does not like us very much.
I would be grateful if you could check whether an operation directed against us by Shell may have got out of hand?
As you know, Shell has used undercover activities against us in the past and more recently, set up a counter-measures team as well as initiating a global spying operation against us involving a Pittsburgh based agency with specialist expertise in cyber-crimes/warfare.
Is any of this activity still in progress?
I have recently brought these matters to the attention of a specialist UK police cyber-crimes unit as I understand that the activity I have described is unlawful.
COMMENT RECEIVED FROM A SHELL RELATED SOURCE
I just do not believe this is hobbywork of some kids, too much dedication involved.
Sometime in the future this would make for a nice article in a magazine. How to protect your basic right of expressing your views. Anyone can go to Hydepark and give a speech. Just imagine if one of these guys would be continuously hassled or harassed? The police would do something. But with cybercrime it is too difficult so they let it go.
Your job obviously is not finished. And if ever in the future it would be proven that Shell is behind this (I doubt you can ever get this proof) all hell will break loose!
REPLY BY JOHN DONOVAN
In our experience it is routine for Shell to use third parties for any skullduggery. This is partly to create plausible denial. But third party whistleblowing, betrayal, or incompetence, can expose the real culprit behind corporate sponsored misdeeds, as happened with Shell uncover agents Manfred Schlickenrieder and Christopher Philips. Later today we will publish a current example of a disgruntled third party exposing alleged corruption sponsored by Shell. RDS Company Secretary Mr Michiel Brandjes has the relevant evidence and related emails, which includes an email sent this morning to Shell CEO Peter Voser. We have given Shell the opportunity to refute authenticity and to supply comment for publication on an unedited basis. Shell also has the opportunity to seek an injunction to prevent publication. If we do not receive a response from Shell by 4pm this afternoon, we will put the information into the public domain without further reference to Shell.
RESPONSE RECEIVED FROM SHELL
Subject: RE: Constant attacks on the website royaldutchshellplc.com
Date: 12 November 2012 14:29:22 GMT
Dear Mr Donovan,
The company is not involved in any of the things you describe below and has no knowledge thereof either.
Company Secretary and General Counsel Corporate
Royal Dutch Shell plc
Registered office: Shell Centre London SE1 7NA UK
Place of registration and number: England 4366849
Correspondence address: PO Box 162, 2501 AN The Hague,
COMMENT BY JOHN DONOVAN
I have no doubt that as far as Mr Brandjes is concerned, what he has stated on behalf of Shell is correct.
No comment thus far on the alleged corruption matter raised separately. Perhaps a reply will arrive shortly?