US Congress websites recovering after three-day DDoS attack

David Bisson

Us congress thumb

US Congress websites recovering after three-day DDoS attack

Several websites owned and operated by the United States Congress are recovering from a three-day distributed denial-of-service (DDoS) attack.

The DDoS campaign began on July 17 when the websites for the Library of Congress (LoC) began experiencing technical difficulties. A day later, the websites went temporarily offline:

During the attack, Library of Congress employees were unable to access their work emails or visit any of the Library’s websites.

Softpedia reports the attackers ultimately overcame initial defense measures to escalate their campaign. Specifically, they brought down two additional targets: congress.gov, the online portal for the United States Congress; and copyright.gov, the website for the United States Copyright Office.

On Tuesday morning, things started to get back to normal. Some email accounts were functioning, writes FedScoop, but other online properties by the LoC remained offline.

As of this writing, the three government portals affected by the attack are back online.

Library of congress
The Library of Congress (Source: Signiant)

Tod Beardsley, a senior research manager for Boston-based cybersecurity firm Rapid7, feels that denial-of-service attacks remain popular because of how difficult it is for a target to mitigate a campaign while it is still in progress.

As he told FedScoop:

“DoS attacks that leverage DNS as a transport is a common mechanism for flooding target sites with unwanted traffic for two reasons. [First,] DNS traffic is often passed through firewalls without traffic inspection, since timely responses to DNS are critical for many networked environments. [And] second, DNS nearly always uses User Datagram Protocol, or UDP, rather than Transmission Control Protocol, or TCP, and UDP-based protocols like DNS are connectionless. As a result of this design, it’s easier for attackers to forge data packets with many fake source addresses, making it difficult to filter good data over bad.”

Network filtering devices can help, but only if a company decides to buy one. Perhaps the Library of Congress didn’t own such a device or lacked a service provider with expertise in mitigating DoS/DDoS attacks.

There’s little companies can do to protect against DDoS attacks, as script kiddies with a few bucks can rent a botnet online to attack whichever target they choose. With that in mind, organizations should prepare for these attacks by investing in DDoS mitigation technologies that can in the event of an attack help accommodate and filter attack traffic.

David Bisson David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.




Stay informed!

Join thousands of others by signing-up for the free “GCHQ” newsletter, containing the latest news and tips from security expert Graham Cluley.

Name:

Email:

Yes, I would like to subscribe to email updates from Graham Cluley. I know it’s easy to unsubscribe if I ever change my mind.