Anti-ISIL Hackers Claim Responsibility for Massive Cyber Attack on BBC
The group, New World Hacking, claims the DDoS attack exceeded 600 Gbps.
All of the BBC's websites were taken offline for several hours on the morning of December 31, 2015 as a result of a 660 Gbps DDoS attack, a group calling itself New World Hacking claims.
If that volume is correct, Graham Cluley notes, it's almost twice the size of the largest DDoS attack on record.
A New World Hacking member using the handle Ownz told the BBC that the group dates back to 2012 and is made up of eight men and four women. Other recent actions by the group include attacks on the Ku Klux Klan and efforts to identify and report ISIL social media accounts, Ownz said.
Ownz said the group had used the Bangstresser tool to flood the BBC websites with traffic as a test of its capabilities for planed attacks against ISIL.
"The reason we really targeted [the] BBC is because we wanted to see our actual server power," the hackers told the BBC's Rory Cellan-Jones.
"It was only a test, we didn't exactly plan to take it down for multiple hours," the group added. "Our servers are quite strong."
The same group took down Donald Trump's official campaign website and email servers for several hours on January 2, 2016, Softpedia reports.
Dave Martin, director of product marketing at NSFOCUS, told eSecurity Planet by email that a worrying trend in DDoS attacks is for the attack itself to be used as a smokescreen for other malicious activity. "In this style of attack, the threat actor directs a DDoS attack to a certain portion of the network while launching specially crafted attacks at other targets," Martin said. "The goal is to compromise these other targets and either steal critical data during the DDoS attack or install a backdoor that will grant future access to the network and its resources."
"After a DDoS attack, it’s very important to perform a comprehensive forensic analysis of the incident," Martin added. "The analysis should cover not only the targets of the attack, but the entire spectrum of managed network devices. A forensic analysis of the incident can uncover other malicious activity and be used to identify changes needed in network security to improve the organization’s overall security posture."
Photo courtesy of Shutterstock.