Members of the hacker group Anonymous flooded Twitter today with triumphant calls of TANGO DOWN, as websites for the CIA and Department of Justice, as well as two websites for the British’ Mi6 intelligence agency went silent for as long as 9o minutes earlier today.
This is the second time in two months that Anonymous has claimed responsibility for taking down the CIA site.
Brazilian hacker Havittaja reportedly initiated the attack on DOJ and the CIA “for the lulz,” and other Anons piled on some time later. The hackers’ collective effort to overwhelm government servers in a “distributed denial of service attack” resulted in overloaded servers and, in turn, outages across government websites.
According to security blog The Hacker News (which isn’t to be mistaken with Hacker News, a YCombinator-sponsored news aggregator) “Anonymous makes a freeware tool available to its members to carry out these attacks, which it calls the Low Orbit Ion Cannon.”
Also today, personal information from the seven CIA agents responsible for bringing down LulzSec in March of this year was posted to Pastebin in retaliation. These so-called “dox” contain personal information like names, addresses, credit card numbers with security codes, government email addresses and passwords, birthdates, and – at least in a few cases – agents’ mothers’ maiden names. It’s unclear whether these dox were obtained during the DDoS attack on the CIA site.
(Writer’s note: I did not post links to the dox leaked on Pastebin for obvious reasons.)
These attacks are part of what seems like a trend of more frequent and more ambitious attacks by members of Anonymous. It’s hard to defend against DDoS attacks. Targets of these attacks, like government and corporate websites, usually can only limit the spread of damage to compromised servers by maintaining firewalls or temporarily deflecting traffic – legitimate and malicious – to a “black hole” where it is discarded. Until the government develops better defenses against DDoS attacks, or until Anonymous decides to pack up shop and do something else, we’re going to keep hearing about these sorts of attacks.