Logo

DOSarrest Vulnerability Testing and Optimization
Navigation
  • Home

US Congress websites recovering after three-day DDoS attack

on July 20, 2016 |
DDoS DDoS Attacks Defend Against DDoS Denial of Service DoS Attacks Stop DDoS

Library of Congress among the victims to go temporarily offline.

Several websites owned and operated by the United States Congress are recovering from a three-day distributed denial-of-service (DDoS) attack.

The DDoS campaign began on July 17 when the websites for the Library of Congress (LoC) began experiencing technical difficulties. A day later, the websites went temporarily offline:

During the attack, Library of Congress employees were unable to access their work emails or visit any of the Library’s websites.

Softpedia reports the attackers ultimately overcame initial defense measures to escalate their campaign. Specifically, they brought down two additional targets: congress.gov, the online portal for the United States Congress; and copyright.gov, the website for the United States Copyright Office.

On Tuesday morning, things started to get back to normal. Some email accounts were functioning, writes FedScoop, but other online properties by the LoC remained offline.

As of this writing, the three government portals affected by the attack are back online.

Tod Beardsley, a senior research manager for Boston-based cybersecurity firm Rapid7, feels that denial-of-service attacks remain popular because of how difficult it is for a target to mitigate a campaign while it is still in progress.

As he told FedScoop:

“DoS attacks that leverage DNS as a transport is a common mechanism for flooding target sites with unwanted traffic for two reasons. [First,] DNS traffic is often passed through firewalls without traffic inspection, since timely responses to DNS are critical for many networked environments. [And] second, DNS nearly always uses User Datagram Protocol, or UDP, rather than Transmission Control Protocol, or TCP, and UDP-based protocols like DNS are connectionless. As a result of this design, it’s easier for attackers to forge data packets with many fake source addresses, making it difficult to filter good data over bad.”

Network filtering devices can help, but only if a company decides to buy one. Perhaps the Library of Congress didn’t own such a device or lacked a service provider with expertise in mitigating DoS/DDoS attacks.

There’s little companies can do to protect against DDoS attacks, as script kiddies with a few bucks can rent a botnet online to attack whichever target they choose. With that in mind, organizations should prepare for these attacks by investing in DDoS mitigation technologies that can in the event of an attack help accommodate and filter attack traffic.

Source: https://www.grahamcluley.com/2016/07/congress-website-ddos/

Share this story:
  • tweet

Recent Posts

  • Bad actors launched an unprecedented wave of DDoS attacks in 2020

    January 26, 2021 - 0 Comment
  • As coronavirus cases surge, so do cyberattacks against the healthcare sector

    January 11, 2021 - 0 Comment
  • DDoS Attacks Remain a Serious Threat to Businesses Worldwide

    December 17, 2020 - 0 Comment
Comments are closed.
DOSarrest ad

Keep updated with the latest DDoS Attacks

RSSSubscribe
  • Home
  • Latest News
  • Contact
  • Sitemap
© Copyright 2013. All Rights Reserved. Web Development by: 6folds Marketing