CIA website brought down - were Anonymous attackers responsible?

Filed Under: Denial of Service, Featured, Law & order, Vulnerability

The CIA's website was brought down for some hours last night by what appears to have been an internet distributed denial-of-service (DDoS) attack.

The CIA's website is hard to get to

A post made from an Anonymous-affiliated Twitter account announced that the site had been attacked using the phrase "CIA Tango Down", although a later tweet left ambiguity as to whether the hacktivists were claiming responsibility for the attack.

Anonymous tweet

Of course, this is one of the challenges when trying to get a sense of what actions can be attributed to Anonymous or not.

Anonymous doesn't have members, isn't a group in a conventional sense, and has arguably no official channels of communication. Without a defined hierarchy, anyone can claim to represent Anonymous if they wish, which means that even Anonymous itself can't actually claim that they did or did not launch an attack.

It's more a case of individuals bandying together to launch attacks, some of which they may choose to launch under the Anonymous banner even if it isn't an attack supported by others who would affiliate themselves with the movement.

Anonymous maskSo, it only actually needs one person to claim that the CIA attack was done by Anonymous and, well.. it's hard to prove that it wasn't. I often think that this must be frustrating for those who would closely associate themselves with Anonymous, and man their more popularly followed website outlets and Twitter accounts.

At the end of the day, it probably matters less whether the attack was by Anonymous or not - but rather, that the CIA's website was brought down and whether the authorities are able to identify those responsible.

In the past, law enforcement agencies have arrested individuals who they believe have been responsible for similar DDoS attacks against the likes of Britain's Serious Organised Crime Agency and the CIA.

If innocent users want to avoid being associated with a criminal DDoS attack, they should take care over what links they click on, and what software they install.

At the time of writing, the CIA's website still appears to be receiving a large amount of traffic - making it impossible for some internet users to reach the site.

Of course, a denial-of-service attack is very different from an actual hack of the CIA's computer servers. There is no suggestion at the moment that the CIA's own systems have been compromised - rather their webservers have been so bombarded with traffic that their site is no longer accessible from the outside world.

It's rather like when a luxury department store sells products at ridiculously reduced sale prices - so many people try to get in at the same time, that nothing moves and a complete logjam is created.

, , ,

You might like

8 Responses to CIA website brought down - were Anonymous attackers responsible?

  1. Nico · 993 days ago

    I think it's very bad that stuff like this happens... last week the biggest dutch telecom provider was compromized (KPN) and they are still fixing the damage and patching the systems (today is day 15 after the hack.. they're still working 24/7 with 100 IT pro's to fix it)... The symantec cloud service was hacked (and before that their source code compromized and stolen)... this will be a BIG blow for those companies... makes me wonder who's gonna be next.
    So Symantec software is not safe anymore (anti-virus source code, internet security source code and pc anywhere source code was stolen)
    KPN's customer databases were stolen and leaked; and the hackers were able to (didn't do it, but could have done it) make it impossible for people to phone 112 (EU version of 911)
    The router/firewalls used were Juniper hardware... thus making that company less reliable...
    It seems like the security world is going through a turnover and security specialists seem to be the people that are the ones that don't know enough about security and are constantly being outsmarted! Scary stuff

  2. dtb · 993 days ago

    Juniper shouldn't be deemed less reliable because the owners of the equipment made poor choices regarding configuration of the device.

  3. Love Anonymous · 993 days ago

    ACTA will sure be a hell of a fun 'project'.
    Keep it up Anony

  4. Yay · 993 days ago

    Finally someone used the word "attackers" which is totally correct, as opposed to what every other ignorant blog or newspapers write. Anonymous are attackers, not hackers, infact they are a disgrace for real hackers.

    • Jono · 991 days ago

      You are incorrect here. A lot of the Anonymous group are in fact hackers. It's just that a rather large amount of them are also completely ignorant and therefore the real hackers have to do easier stuff so that the rest of them know how to do it.
      I have my links and often follow a lot of their posts on how to hack to see whether or not I can find security fixes to stop them :)

  5. thomazchamberlain · 993 days ago

    My research is centralised around trying to provide a novel solution to DDoS attack defence. It's always very hard to figure out where a DDoS attack has come from. This is because it's difficult to distinguish between normal traffic and traffic created from a group performing a DDoS attack. I just thought I'd provide some more insight into that. Nice post, thanks.

    • Jon Fukumoto · 993 days ago

      A DDos doesn't take much to achieve. Attacks like this just a whole group of computers programmed to bombard the target server with ping requests. The server responds back, but the systems doing the attaching are made not to respond back. This, the web server then waits for the response which never comes in. Eventually, the targeted server gets overwhelmed with the extra traffic that it goes down.

  6. Richard · 991 days ago

    Reminds me of this: http://xkcd.com/932/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.