Sophos Cloud Optix
The UK’s Serious Organised Crime Agency (SOCA) has confirmed that its website has suffered a distributed denial-of-service (DDoS) attack, effectively preventing internet users from reaching it.
This is the second time in less than a year that SOCA’s website has found itself the target of malicious attackers, having previously suffered from a DDoS attack at the hands of the notorious LulzSec gang in June 2011.
A SOCA spokesperson told TechWeekEurope that the website was taken offline at approximately 10pm on Wednesday, but that there was no security risk for the organisation.
"The reason we take it down is to prevent and limit any impact on the clients hosted by our service provider. Clearly the things we’d like to stress are that the SOCA website contains only publicly available information, it does not provide access to operational material."
"DDoS attacks cause a temporary inconvenience to website visitors, they don’t impose a security risk to the organisation. We will monitor the situation and put the site back up when it is appropriate to do so."
What isn’t clear at this point is who is behind the attack.
Some may suspect that a LulzSec sympathiser is behind the attack, as yesterday US prosectors made public an indictment against four British and Irish men, suspected of being involved in an internet attack on the Stratfor security analysis firm last year.
Until yesterday, only Jeremy Hammond, a 27-year-old from Chicago, had been charged in relation to the Stratfor security breach.
But now Donncha O’Cearrbhail (aka “palladium”), Darren Martyn (aka “pwnsauce”), Jake Davis (aka “topiary”) and Ryan Ackroyd (aka “kayla” or “lolspoon”) – who were all arrested by authorities last year – have also been named.
Another consideration for who might be responsible for the DDoS is that SOCA recently shut down 36 websites selling stolen credit card details.
Here’s a video I made about the credit card website shutdown:
(Enjoy this video? Check out more on the SophosLabs YouTube channel.)
Whoever is to blame for this latest assault, it’s worth remembering that denial-of-service attacks are against the law.
Will law enforcement in the UK, possibly even the world, be able function after this digital pearl harbour ?
Surely the police must now admit defeat and stop arresting online vandals.
why is being attacked?
why do they need a reason? why did a student become and engineer? why did your son become an astronaut? we only broke toys, broke them apart and then tried to put them back together.
Today's reasons of these acts don't matter:
1) because first of all, who know if it's true? it can just something like "black box" doing bad pubblicity? If it's anonymous, it's anonymous, anyone can claim they did it, it doesn't mean it's true.
2) because it's cool and fun "oh wait I found a whole in here, let me see where this goes" "oh I found this forum online where someone posted a bunch of unprotected IPs that we can attack, like the teacher at Uni. showed us, let's give it a shot. OH COOL it worked"
really why?
The bottom like is that whomever owns the site, spent money in the wrong field, they should have prevented this