During the small hours of Tuesday morning unknown hackers attempted to infiltrate the website of the Risk & Assurance Group (RAG), eventually causing the site to go offline. The hackers appear to have attempted a brute force attack on the site’s login page, hoping to gain access by hitting the page more than once a second over the course of three hours. Though the hackers were not successful, the load caused an interruption in service. Thankfully the interruption was only brief and the website was soon resurrected and working normally again.
The following graph illustrates the extent to which the hackers devoted resources to the task of cracking into RAG’s website. The dotted yellow line represents the load on the web servers during the course of a typical day, whilst the red line shows the comparable load during the attack.
This hack is a useful reminder that speech may be free, but it comes at a cost. Just as cybercriminals obtain and use extensive processing and communication power to pursue their goals, honest actors must also make significant investments in the time and technology needed to harden the security of every service they supply via the internet. Even a humble website can come under vicious attack.
Perhaps the hackers were targeting RAG deliberately or their goal is to abuse any site they can access. Whatever their motives, we are in a constant war to keep electronic communications freely available, safe, and functional.