SOCA website brought down by DDoS cyber attack – for second time in a year

SOCAThe UK’s Serious Organised Crime Agency (SOCA) has confirmed that its website has suffered a distributed denial-of-service (DDoS) attack, effectively preventing internet users from reaching it.

This is the second time in less than a year that SOCA’s website has found itself the target of malicious attackers, having previously suffered from a DDoS attack at the hands of the notorious LulzSec gang in June 2011.

A SOCA spokesperson told TechWeekEurope that the website was taken offline at approximately 10pm on Wednesday, but that there was no security risk for the organisation.

“The reason we take it down is to prevent and limit any impact on the clients hosted by our service provider. Clearly the things we’d like to stress are that the SOCA website contains only publicly available information, it does not provide access to operational material.”

“DDoS attacks cause a temporary inconvenience to website visitors, they don’t impose a security risk to the organisation. We will monitor the situation and put the site back up when it is appropriate to do so.”

SOCA website down

What isn’t clear at this point is who is behind the attack.

Sign up to our free newsletter.
Security news, advice, and tips.

Some may suspect that a LulzSec sympathiser is behind the attack, as yesterday US prosectors made public an indictment against four British and Irish men, suspected of being involved in an internet attack on the Stratfor security analysis firm last year.

Until yesterday, only Jeremy Hammond, a 27-year-old from Chicago, had been charged in relation to the Stratfor security breach.

But now Donncha O’Cearrbhail (aka “palladium”), Darren Martyn (aka “pwnsauce”), Jake Davis (aka “topiary”) and Ryan Ackroyd (aka “kayla” or “lolspoon”) – who were all arrested by authorities last year – have also been named.

Another consideration for who might be responsible for the DDoS is that SOCA recently shut down 36 websites selling stolen credit card details.

Here’s a video I made about the credit card website shutdown:

Whoever is to blame for this latest assault, it’s worth remembering that denial-of-service attacks are against the law.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.