Serious questions are being asked about the security of Ireland’s websites following a week of regular distributed denial of service attacks against Government websites, the Lotto’s website and Boards.ie.
What exactly is going on? In the space of a week, Irish websites have found themselves inundated with distributed denial of service (DDoS) attacks that, at time of publication today (22 January), sees a number of Irish Government websites down.
Once the vestige of pranksters, DDoS attacks that flood a website’s servers with fake traffic from multiple points to shut down the website are now considered criminal behaviour, with those found to be perpetrating such crimes usually facing harsh punishments.
At the time of writing, almost all of the major websites are currently offline, including the domains gov.ie, along with all of its subsidiaries, such as those for the Department of Justice, Defence, the courts and even the Central Statistics Office, which confirmed the outage in a tweet, although the latter’s site appears to be up and running again.
Given the almost complete takedown of Irish Governmental websites, it would appear that these DDoS attacks are a well-orchestrated effort by an individual or organisation that has so far evaded detection by those looking into the site takedowns.
Due to technical issues with Government networks, our website and email are currently unavailable. Apologies for any inconvenience.
— CSO Statistics (@CSOIreland) January 22, 2016
It was also revealed to us at Siliconrepublic.com earlier in the week, through a source who deals with a number of Irish governmental websites, that similar DDoS attacks were registered on a smaller scale than today’s attacks.
A week to forget for IT departments
All of this leads to further questions surrounding the number of DDoS attacks seen this week, not only on Governmental websites, but also on private websites, such as the one experienced by Premier Lotteries Ireland (PLI), which operates the Irish lotto, last Wednesday.
With demand high to take part in the €12m jackpot lotto draw on Wednesday, a number of customers were unable to purchase tickets due to a DDoS attack aimed at PLI’s servers. “Indications are that this morning’s technical issues were as a result of a DDOS attack affecting our communications networks,” said PLI in a statement.
“The issues were resolved by the National Lottery’s DDOS protection systems, limiting disruption and restoring all operations within two hours.”
While PLI has said that the gaming system or customer data were not affected by the attack, the National Lottery’s regulator, Liam Sloyan, has called for an investigation into the matter.
Similarly, Boards.ie – the popular Irish online forum – was hit with a similar DDoS attack on Monday night, with login and posting issues having continued throughout this week.
We’re experiencing a ddos attack on site at the moment; we’re doing our best to mitigate the effects and will be back online asap.
— boards.ie (@boards) January 18, 2016
DDoS in binary image via Shutterstock