The Irish Government is now in the sights of hacker collective Anonymous which last night took down the websites of the Department of Justice and the Department of Finance as part of its OpIreland DDOS attack. The attack affected a number of affiliate websites and saw the hackers publish ministers’ phone numbers.
Security expert Brian Honan says the unusual timing of the attacks – after midnight on a Tuesday night – suggest the attacks were just a warning shot ahead of the State’s decision to pass a statutory instrument that many critics have deemed to be the Irish SOPA.
“Over the coming days, we may see these attacks intensify, especially as more people are recruited into the operation. Typically, these attacks will eventually fade away as those taking part in the attack lose interest and move onto other items.
“Many will see this as a way to draw Government’s attention to the concerns many have with the proposed new law. However, I believe that this action will simply divert the attention of the media and elected officials away from the core issue at heart and focus instead on Ireland been subjected to these attacks."
The statutory instrument is aimed at covering a perceived gap in the Irish copyright laws whereby courts will be given powers to grant injunctions against ISPs on the suspicion of illegal downloading activities by their customers.
A petition that emerged earlier this week against the statutory instrument attracted more than 22,000 signatures.
Earlier this week, Government websites in Poland, including that of its prime minister, were attacked and vandalised by Anonymous.
First signs of the attack emerged after nine o’clock after Anonymous tweeted how Ireland had ‘angered the hive.’
Before midnight the Department of Justice website was down and affiliated site Citizens Information was down.
After midnight, Anonymous published the phone numbers of all TDs in Government on Pastebin.
Honan says he expects activity to increase in the coming hours and days and has offered the following advice for system administrators:
"If you are a system administrator based in Ireland and responsible for managing your organisation’s websites and systems, then you should do a risk profile of your organisation to determine will it be a potential target of OpIreland. If so, then you should take some proactive measures to ensure the security of your systems:
- Ensure your systems are fully patched, this includes your firewalls, your operating systems, web server software and the web application software on your site
- Review all your firewall rules and ensure they are up to date and correct
- Ensure your log files are turned on, that they are recording key events and that you are actively monitoring them for suspicious activity
- Look at deploying DDOS mitigation tools
- Ensure all your passwords are secure passwords and are not re-used across multiple systems
- If you have Intrusion Detection Systems (IDS) in place, ensure they are configured and working properly and are being monitored
- Have your incident response plan close by in the event that you are impacted.
Jason Ward, EMC’s country manager, said the denial of service attack on the Department of Justice and the Department of Finance websites was symptomatic of new risks to IT systems as cyber adversaries around the world try to disrupt governments.
"The attack on the two Government Departments showed that our IT systems have never been more vulnerable and we need to take proactive steps to prevent cyber attacks as part of a new defence doctrine.
"Although there is not too much information available on this morning’s attack, we do know that intelligence-driven information security is emerging as the clear pathway for all organisations to protect their IT infrastructure.
"That means collecting reliable cyber security data and researching prospective cyber adversaries to better understand risk and learn about why and how attacks occur," Ward said.