At the time of writing, the NSA’s website has been inaccessible for a few hours.
Inevitably suspicions have been raised that the site could have fallen victim to a distributed denial-of-service attack from hackers making a stand against the surveillance agency, or perhaps a peeved German Chancellor Angela Merkel is simply getting her own back.
But we shouldn’t forget that it’s equally possible that someone has screwed-up, or that a technical fault has teken the website offline.
It shouldn’t be forgotten, of course, that a DDoS attack is a very rudimentary way of striking at a website – and nothing like as serious as if an organisation’s website was compromised, or information stole from a company’s servers.
If it *is* a DDoS attack though, the timing perhaps wouldn’t be surprising. After all, the NSA has a high profile in the news right now.
This weekend, a rally against mass surveillance is taking place this weekend in front of Union Station, Washington, D.C. having gained the support of internet celebrities like Tim Berners-Lee and more traditional Hollywood stars such as Maggie Gyllenhaal and John Cusack.
To underline what I hope should be obvious – I am in no way suggesting that the organisers of the rally are connected in any way with the NSA website downtime.
Is the NSA’s website disruption due to DDoS-attacking hackers orchestrating a botnet? I think the jury is out, and we shouldn’t rush to jump to that conclusion until the agency itself shares some details publicly about what’s going on.
Update: Some, as the following tweet shows, suggest that the problem is down to a DNS change.
— Pete Fein (@wearpants) October 25, 2013
Update 2: The NSA has now issued a statement, reported by ABC News, confirming that they were not the victim of a DDoS attack but instead suffered from an “internal error”:
“NSA.gov was not accessible for several hours tonight because of an internal error that occurred during a scheduled update,” the spy agency said in an emailed statement. “The issue will be resolved this evening. Claims that the outage was caused by a distributed denial of service [DDoS] attack are not true.”