UK LAW ENFORCEMENT BODY the Serious Organised Crime Agency (SOCA) was forced to take its website off line Wednesday night following a cyber attack.
The organisation, which recently shut down 36 web sites that it said were trading in stolen credit card information, announced that taking the web site offline was a proactive measure after it noticed a number of distributed denial of service (DDoS) attacks.
"SOCA elected to take its website temporarily offline at approximately 10pm last night. The action was taken to limit the impact of a distributed denial of service attack on other clients hosted by our service provider," a spokesperson said.
"SOCA's website contains only publicly-available information and does not provide access to operational material."
This isn't the first time that SOCA's web site has been targeted. Shadowy hacktivist group Lulzsec forced the web site offline in June 2011 using similar tactics, which led to members of the group being arrested in connection with the attack.
Kaspersky Labs' senior security researcher David Jacoby told The Inquirer that even if organisations like SOCA have everything in place to protect themselves, for example vulnerability management, they can still fall victim to a DDoS attack.
He said, "Just because you have a working patch management procedure, it doesn't mean that someone won't be able to break into your company [or] web site."
"There are many different ways you can perform a DDoS attack. It does not have to be a vulnerability that is getting exploited, it can also be that the attacker is simply consuming all the bandwidth from the target server; or making sure that the service [or] application cannot receive any more connection[s] by establishing the maximum amount of allowed connections," he added.
When asked if this sort of attack could be a result of Hacktivists groups, Jacoby warned that we need to separate a ‘hack', from a ‘digital protest' (DDoS attack).
"Shutting a site down via a DDoS attack is not a hack or a compromise," he said. "I would also guess that most of the people who are performing these attacks are young people, but just because they are young doesn't mean that they shouldn't be taken seriously. I do not agree with the actions of Hacktivists, but this is a wake-up call for the security industry too."
The DDoS attack against SOCA comes as the threat of cyber attacks in general continues to dominate the headlines. For example, cabinet office minister Francis Maude warned on Thursday that the UK is likely to face an increased number of attacks during the Olympics.
"We have rightly been preparing for some time - a dedicated unit will help guard the London Olympics against cyber attack - we are determined to have a safe and secure Games," he said in a speech delivered in Estonia. µ
Someone could be in for a NASty surpise
An assault course on the senses
Boasting Bionic boosting