Hackers Bring Down RAG Website

During the small hours of Tuesday morning unknown hackers attempted to infiltrate the website of the Risk & Assurance Group (RAG), eventually causing the site to go offline. The hackers appear to have attempted a brute force attack on the site’s login page, hoping to gain access by hitting the page more than once a second over the course of three hours. Though the hackers were not successful, the load caused an interruption in service. Thankfully the interruption was only brief and the website was soon resurrected and working normally again.

The following graph illustrates the extent to which the hackers devoted resources to the task of cracking into RAG’s website. The dotted yellow line represents the load on the web servers during the course of a typical day, whilst the red line shows the comparable load during the attack.

This hack is a useful reminder that speech may be free, but it comes at a cost. Just as cybercriminals obtain and use extensive processing and communication power to pursue their goals, honest actors must also make significant investments in the time and technology needed to harden the security of every service they supply via the internet. Even a humble website can come under vicious attack.

Perhaps the hackers were targeting RAG deliberately or their goal is to abuse any site they can access. Whatever their motives, we are in a constant war to keep electronic communications freely available, safe, and functional.

Eric Priezkalns
Eric Priezkalns

Eric is a recognized expert on communications risk and assurance. He was Director of Risk Management for Qatar Telecom and has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and others.

 

Eric was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He was a founding member of Qatar’s National Committee for Internet Safety and the first leader of the TM Forum’s Enterprise Risk Management team. Eric currently sits on the committee of the Risk & Assurance Group, and is an editorial advisor to Black Swan. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.

 

Commsrisk is edited by Eric. Look here for more about Eric’s history as editor.