On the 22nd January, a cyber-attack hit a number of Irish websites. Central Statistics Office, the Oireachtas, the Department of Justice, the Department of Defence, the Courts Services of Ireland and The National Lottery were all hit. Daft and Boards were also brought down. Each of them went offline one after the other in quick succession. As of yet, the perpetrators have not been identified and their reasons for conducting the attack remain a mystery. A special unit to tackle cybercrime from the Department of Communications is still investigating.
The attack was particularly disruptive for the National Lottery. It was a weekend when the jackpot was at an all time high of €12 million. There were many people looking to buy a ticket online for their chance to get a piece of it. Undoubtedly, the attackers knew this. In fact, the particular mix of websites attacked suggest that the attackers may have been Irish, but there is really no knowing. A DDoS attack can be conducted from anywhere and its origins are almost impossible to trace.
As to the reason why, a number of theories have been suggested. Colin Larkin, MD at Irish mobile security company MoQom, says that the best explanation is usually the simplest. He claims that the perpetrators probably just wanted money. The DDoS attack, in his opinion, was a means of forcing a ransom. This may have explained the attack on the National Lottery – a similar attack happened to a bookmaker a few years ago in the run up to a big race meet.
However, this theory doesn’t give a satisfying explanation as to why Boards.ie or Daft were hit, or indeed the Irish government. To explain that, there is a compelling theory that came from an anonymous individual who contacted The Register. They claimed that the attacks were the beginning of a “national cybersecurity audit” and that we can expect to see news outlets and financial institutions go down next. As of yet, this happened happened.
Regardless of whether Ireland’s biggest websites are being audited or not, there is an aspect of the theory that remains true: these DDOS attacks have been a wake up call to how cyber security is approached in this country. Undoubtedly, those affected, as well as those who understood that they could just as easily have been targeted, are now thinking very seriously about how they can protect themselves from such an attack ever happening again.
David Miller, the COO of AdaptiveMobile isn’t one bit surprised by the attack. Like the rest of us he is somewhat baffled as to the reason why the attacks took place, but he says that similar attacks take place around the world every day. “It’s interesting what’s going on and it seems an example of where the world is heading. Every application can be perceived as an online threat now.”
Perhaps the most worry thing about this attack is that it wasn’t necessarily very sophisticated. Distributed Denial-of-Service (DDOS) works by overcrowding a network by sending it too much traffic until it eventually crashes. This is done by a hacker who can command thousands of personal computers all to log into the same website at the same time. These computers are usually owned by regular people who unknowingly installed malware. Because security can’t distinguish between normal traffic and the traffic coming from a DDoS it is very hard to defend against. Worse still, practically anyone can carry this out.
Hackers can be hired on demand from the dark web for as little as £25/hour to take down a website. A large website would cost a little more, but the cost is still so low that it would be within the price range of someone looking for an unusual hobby.
Those responsible for the attack on these Irish websites may have already extorted cash from their targets, or they may yet plan to – such deals are often kept quiet. Then again, it may just have been the act of a bored teenager with no intention of taking it any further. Whoever it was or whatever their intention, the toll is a necessary one if it means that cyber security will now be given its due prioritisation in the coming year.