UK's 'FBI' hit by DDoS barrage The public-facing website for the UK's National Crime Agency has wobbled today under a Distributed Denial of Service Attack. The NCA – dubbed Britain's FBI – told The Register its site was "an attractive target" and that "attacks on it are a fact of life." A spokesperson dismissed the skiddies' tool of choice, and branded …
Why boast about our cyber warfare readiness if a DDoS attack can take down their website? It might be a minor inconvenience for their site to be down for 30 minutes... that kind of outage could be critical for someone else.
Because their website has zero operational impact and pretty much zero value to them.
Unlike most businesses, no-one is going to use their website in an attempt to use their services. The site is totally distant from their operational networks, it is pretty much a place to put out press releases and PR material.
Given that an outage has no impact, there is no ROI on spending thousands on DDos protection - money that could be far better used doing what they are meant to be doing.
Unlike most businesses, no-one is going to use their website in an attempt to use their services. The site is totally distant from their operational networks, it is pretty much a place to put out press releases and PR material. .... djack
Just like MI5 and MI6's websites then, djack. Lipstick on a pig of a business, and an opportunity lost to lead in a field which requires phantom champions and practising knights of an ancient realm for post modern remote servering of secret services and future supply chains ........ provisional narrative script.
You gotta have an absolutely fabulous tall tale to follow smartly, otherwise you're flying blind into madness and mayhem rather than cruising in comfort into CHAOS territory .... Clouds Hosting Advanced Operating Systems with and for Global Operating Devices.
Alienating IT may presently be, but the future is all ready and readily available from ITs bounteous stores today and every day for presentations of tomorrow, tomorrow in new news programming of the ignorant horde and arrogant masses. It is how AI and you lead/are led into virtual realities which have the energy and power to appear as if a life for living rather than be recognised and accepted as NEUKlearer HyperRadioProActive Dreams for phorming with others. Such a fundamental misinterpretation though delivers a universal stealth and secrecy for multiple paralleling unilateral action without equal and with no fear of opposition or competition.
Welcome to WORD* and the World with Wild Wacky West Worlds with CyberIntelAIgent Security and Virtual Protection Weapons Systems for transportation, export and importation into Exotic and Erotic Eastern Emporia and Dystopia. And that be a valuable Futures Markets commanding and controlling a worth of centillions and a perfect flash cash crash tool to be wielded at leisure with pleasure.
* WORDly Ordered Remote Direction
If it has no value, it should be shut down....
BRAND damage here is the cost - especially for a new organisation that is trying to gain respect.
They should have just stuck the site on a CDN & forgotten about it, like Krebs did....
As that's how long it usually takes corporations that've been DDoSed to admit that they were hacked under cover of the "chaff barrage". (Hi Sony!)
"At worst it is a temporary inconvenience to users of our website,"
No, that's the best case scenario. Somebody'd better be checking system logs very closely right now. Odds are someone got in, and if they were clever, used the website as a door to "secure" servers.
As the website is completely separate from anything operational, they would have exactly the same leverage from that server as they would have from any other server. So why bother with a high profile site when there's a bazillion wordpress sites out there that they could easily hack to get the same access?
"As the website is completely separate from anything operational"
Is it, says who?
So how is website updated, does someone put changes on a USB stick and gain physical access to the server and transfer stuff?
Even if it is totally air-gapped, there may be clues to be had, even if its just usernames / passwords / encryption keys, metadata in word documents etc on the servers hacked into.
Any and all information can be useful.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
