Hackers Bring Down RAG Website

During the small hours of Tuesday morning unknown hackers attempted to infiltrate the website of the Risk & Assurance Group (RAG), eventually causing the site to go offline. The hackers appear to have attempted a brute force attack on the site’s login page, hoping to gain access by hitting the page more than once a second over the course of three hours. Though the hackers were not successful, the load caused an interruption in service. Thankfully the interruption was only brief and the website was soon resurrected and working normally again.

The following graph illustrates the extent to which the hackers devoted resources to the task of cracking into RAG’s website. The dotted yellow line represents the load on the web servers during the course of a typical day, whilst the red line shows the comparable load during the attack.

This hack is a useful reminder that speech may be free, but it comes at a cost. Just as cybercriminals obtain and use extensive processing and communication power to pursue their goals, honest actors must also make significant investments in the time and technology needed to harden the security of every service they supply via the internet. Even a humble website can come under vicious attack.

Perhaps the hackers were targeting RAG deliberately or their goal is to abuse any site they can access. Whatever their motives, we are in a constant war to keep electronic communications freely available, safe, and functional.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.