NSA’s website goes offline. Human screw-up or DDoS attack?

At the time of writing, the NSA’s website has been inaccessible for a few hours.

NSA website down

Inevitably suspicions have been raised that the site could have fallen victim to a distributed denial-of-service attack from hackers making a stand against the surveillance agency, or perhaps a peeved German Chancellor Angela Merkel is simply getting her own back.

nsa-down-170But we shouldn’t forget that it’s equally possible that someone has screwed-up, or that a technical fault has teken the website offline.

It shouldn’t be forgotten, of course, that a DDoS attack is a very rudimentary way of striking at a website - and nothing like as serious as if an organisation’s website was compromised, or information stole from a company’s servers.

If it *is* a DDoS attack though, the timing perhaps wouldn’t be surprising. After all, the NSA has a high profile in the news right now.

This weekend, a rally against mass surveillance is taking place this weekend in front of Union Station, Washington, D.C. having gained the support of internet celebrities like Tim Berners-Lee and more traditional Hollywood stars such as Maggie Gyllenhaal and John Cusack.

To underline what I hope should be obvious - I am in no way suggesting that the organisers of the rally are connected in any way with the NSA website downtime.

Is the NSA’s website disruption due to DDoS-attacking hackers orchestrating a botnet? I think the jury is out, and we shouldn’t rush to jump to that conclusion until the agency itself shares some details publicly about what’s going on.

Update: Some, as the following tweet shows, suggest that the problem is down to a DNS change.

Update 2: The NSA has now issued a statement, reported by ABC News, confirming that they were not the victim of a DDoS attack but instead suffered from an “internal error”:

NSA.gov was not accessible for several hours tonight because of an internal error that occurred during a scheduled update,” the spy agency said in an emailed statement. “The issue will be resolved this evening. Claims that the outage was caused by a distributed denial of service [DDoS] attack are not true.”

Tags: , , ,

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , ,

No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.