It has been reported that several websites owned and operated by the United States Congress are recovering from a three-day DDoS attack. The campaign began on July 17 when the websites for the Library of Congress began experiencing technical difficulties. A day later, the websites went temporarily offline. During the attack, Library of Congress employees were unable to access their work emails or visit any of the Library’s websites. It is reported that the attackers overcame the initial defence measures to escalate their campaign. Stephen Gates, chief research intelligence analyst at NSFOCUS, provider of advanced security solutions and DDoS mitigation specialists commented below.
Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS:
“It never ceases to amaze those of us who operate in the world of DDoS defences, that American Government websites and networks are still vulnerable to DDoS! To be down for nearly three days is completely unacceptable when Cloud and On-Premises DDoS defences are so readily available. All DDoS attacks can be defeated with the right defences in place. Remember, DDoS attacks not only take organisations offline, they also hide a broad spectrum of other attacks. Most likely during the attacks, breach attempts were in accompaniment. They better double-check their logs, looking for signs of other malicious activity.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.