A group of computer criminals used two separate distributed denial-of-service (DDoS) attacks to bring down all of the BBC’s websites and Donald Trump’s main campaign site over this past holiday weekend.
The story begins on New Year’s Eve, when all BBC sites, including its iPlayer service, went dark for three hours.
At the time, the UK-based news organization reported that the outage was the result of a “technical issue”. It later stated that a group calling themselves the “New World Hackers” had claimed credit for launching a DDoS attack against the broadcaster, as a “test of its capabilities”
Since then, one of the group’s members who identified himself as “Ownz” took the opportunity to send a screenshot to ZDNet of the web interface that was used to attack the BBC.
If the screenshot is legitimate, the group allegedly employed their own tool called BangStresser to launch an attack of up to 602 Gbps – a volume of traffic that well-surpasses the largest attack on record at 334 Gbps, as documented by Arbor Networks in the middle of year.
Not untypically, BangStresser is itself protected from DDoS attacks by CloudFlare – one of the popular DDoS mitigation services often deployed by websites keen to protect themselves from attackers.
The attack apparently made use of two Amazon Web Services servers, but managed to skirt around the company’s automated misuse detection systems as Ownz explained in an interview with ZDNet:
“We have our ways of bypassing Amazon. The best way to describe it is we tap into a few administrative services that Amazon is use to using. The [sic] simply set our bandwidth limit as unlimited and program our own scripts to hide it.”
According to Softpedia, Trump’s website went down immediately on Saturday, January 2 and remained dark for several hours until DDoS mitigation solutions were put in place.
The attacks, however, remained ongoing throughout the day against mail.trump.com domain, the Trump Organization’s Webmail service.
Trump’s camp has yet to officially address the incident. A statement posted on Saturday by Trump’s campaign advisers (and redistributed via HackRead) attributed the downage to “an unusually high volume of traffic” only.
On Monday, Real Forums sat down with members of the group to inquire about their New Year’s exploits. Here’s what they had to say:
“Our reasons behind the BBC attack was just a test of our capabilities. Although, the Trump site was the target. He can be very racist. We didn’t mean to cause as much damage as we did to BBC, but for Trump, Yes.”
The group goes on to state that it plans to launch additional DDoS attacks against Trump and other large organizations like the BBC. The group also specifically mentions ISIS and the Ku Klux Klan as future targets.
We’re not a week into 2016, and we’ve already witnessed DDoS attacks that have succeeded in taking down the websites of major news organizations and U.S. political candidates. It just goes to show that while malware is on the rise, DDoS attacks are not going anywhere in the New Year.
As we all get back to work, we should therefore take the time to make sure our enterprises have the necessary DDoS mitigation technologies in place.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.