CIA website brought down – were Anonymous attackers responsible?

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

The CIA’s website was brought down for some hours last night by what appears to have been an internet distributed denial-of-service (DDoS) attack.

The CIA's website is hard to get to

A post made from an Anonymous-affiliated Twitter account announced that the site had been attacked using the phrase “CIA Tango Down”, although a later tweet left ambiguity as to whether the hacktivists were claiming responsibility for the attack.

Anonymous tweet

Sign up to our free newsletter.
Security news, advice, and tips.

Of course, this is one of the challenges when trying to get a sense of what actions can be attributed to Anonymous or not.

Anonymous doesn’t have members, isn’t a group in a conventional sense, and has arguably no official channels of communication. Without a defined hierarchy, anyone can claim to represent Anonymous if they wish, which means that even Anonymous itself can’t actually claim that they did or did not launch an attack.

It’s more a case of individuals bandying together to launch attacks, some of which they may choose to launch under the Anonymous banner even if it isn’t an attack supported by others who would affiliate themselves with the movement.

Anonymous maskSo, it only actually needs one person to claim that the CIA attack was done by Anonymous and, well.. it’s hard to prove that it wasn’t. I often think that this must be frustrating for those who would closely associate themselves with Anonymous, and man their more popularly followed website outlets and Twitter accounts.

At the end of the day, it probably matters less whether the attack was by Anonymous or not – but rather, that the CIA’s website was brought down and whether the authorities are able to identify those responsible.

In the past, law enforcement agencies have arrested individuals who they believe have been responsible for similar DDoS attacks against the likes of Britain’s Serious Organised Crime Agency and the CIA.

If innocent users want to avoid being associated with a criminal DDoS attack, they should take care over what links they click on, and what software they install.

At the time of writing, the CIA’s website still appears to be receiving a large amount of traffic – making it impossible for some internet users to reach the site.

Of course, a denial-of-service attack is very different from an actual hack of the CIA’s computer servers. There is no suggestion at the moment that the CIA’s own systems have been compromised – rather their webservers have been so bombarded with traffic that their site is no longer accessible from the outside world.

It’s rather like when a luxury department store sells products at ridiculously reduced sale prices – so many people try to get in at the same time, that nothing moves and a complete logjam is created.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.