Anonymous Attack GCHQ and Home Office

By

Mar 15th


Last Saturday the Home Office website was attacked by Anonymous, via a Denial of Service Attack (DDOS). At the time Anonymous stated via their Twitter feed that the attacks would continue every Saturday, until further notice.

So what happen this Saturday? The Home Office Website has been up most of the day and responding to requests within normal tolerances, however it did go offline for around five-ten minutes for short periods of time throughout the day. It is now up and running, and responding as per normal.

The anonymous Twitter feed, @YourAnonNews announced the take downs as they occurred, but it was up within minutes of each the announcement being made. Anonymous “No!” also announced they were attacking GCHQ website, via the same type of attack. They seem to be less successful at bringing that site down, as it did not miss a heartbeat all day.

The traditional Denial of Service attack involves getting a large amount of computers working together making legitimate requests to the webserver. While most website would be able to handle five, ten or even twenty users requesting webpages at any one time, they will struggle to handle hundreds or even thousands of requests at the same time. This would typically overload the server, and depending on recovery procedures, reboot either the server or the web service. It is a harmless attack, in the sense that it does not gain access to sensitive data, or modify the website content. However if you are an organisation that depends on revenue from your website, and it cannot respond to legitimate customers because you are overloaded, it is much more of a concern. The Home Office and GCHQ will not be losing any revenue over this attack.

The Home Office and GCHQ are unlikely to be hugely concerned about the attacks, if anything it is a little embarrassing, but what can you do when you receive legitimate web page requests? There is not a huge amount that can be done against these types of attacks. The web requests will come from Botnets across the globe, so apart from blocking every request, there is little you can do, except to try and have the capacity to respond to the overload of requests or ensure that when your service or server is overloaded that it can recover quickly.

The action was dubbed Tango Down, which is a traditional military term adopted by hackers to reference the successful site attack, specifically when the site goes offline.

One could argue that these types of attacks lack ambition, but a successful DDOS attack does imply that the attacking group does have a botnet at its disposal, which in itself is more ominous. Could they turn the botnet towards a brute force password attack that could gain them access to sensitive data or website content?

Watch this space.

Leave a Reply

 
© 2006-2019 Security magazine.