Thursday, 3 May 2012

Attack takes Soca crime agency website down



The website of the UK's Serious Organised Crime Agency (Soca) has been taken offline following a cyber-attack.
Soca confirmed to the BBC that soca.gov.uk had suffered a Distributed Denial of Service (DDoS) attack.
A spokesman said the site was taken offline at 22:30 on Wednesday, but that the attack did not "pose a security risk to the organisation".
Soca has recently shut down 36 websites believed to be selling stolen credit card information.
'No security risk'
"We took action to limit the impact on other clients hosted by the [same] service provider," the spokesman said.
"DDoS attacks are a temporary inconvenience to website visitors but do not pose a security risk.
"Soca's website contains only publicly available information and does not provide access to operational material."
Soca would not confirm if it knew the source of the attack or the motive.
A DDoS attack is a common technique in which sites are overloaded with data requests, causing them to fall over.
Last month, Soca was part of a joint effort with the US Federal Bureau of Investigation to shut websites associated with selling stolen financial information.

Soca said 2.5 million items of compromised data were recovered, preventing a potential fraud estimated at £500m.
Wasps and ice cream
The website has been targeted in the past by members of "hacktivist" group LulzSec. In June 2011, they forced the site offline using similar tactics.
Alleged members of the group were subsequently arrested in connection with the attack.
Security expert Rik Ferguson, from Trend Micro, said that while DDoS attacks could be prevented for many sites, including Soca, the cost may not be justified.
"Is it worth the expense of large-scale DDoS mitigation technologies? Probably not," he said.
"Does it harm the Soca brand to be seen to do nothing or very little to stop these attacks from happening? Again, probably not - Soca are treating the attacks with the contempt they deserve.
"The sensible person doesn't walk around in a beekeeper's outfit to keep the wasps away from their ice cream in summer. The sensible person accepts that wasps are attracted to ice cream and that wasps will always outnumber ice creams."

What is a DDoS attack?

  • A Distributed Denial of Service (DDoS) attack aims to make websites inaccessible
  • The attackers commonly use networks of compromised computers - called a botnet - that they control to launch the attacks
  • By overwhelming the target site with requests, the attackers can ensure that genuine visitors cannot reach the site
  • These requests look like genuine web traffic so can be hard to filter out
  • Typically, such attacks have been aimed at high-profile websites, such as those belonging to government departments, banks and political organisations



(courtesy:bbc.com)

No comments:

Post a Comment

Twitter Bird Gadget