Hacktivist group Anonymous claims it brought down government websites in protest at the UK’s handling of the asylum...
case of WikiLeaks founder Julian Assange.
The group targeted the websites of No. 10, the Home Office, the Ministry of Justice (MoJ) and the Department of Work and Pensions (DWP) in what it called “Operation Free Assange”, according to the Guardian.
The Home Office confirmed its website had been targeted, but said in a statement that the website had not been hacked and had experienced only a minor interruption to the service.
The distributed denial-of-service (DDoS) attacks also targeted sites in Sweden, which is seeking Julian Assange’s extradition over allegations of sexual misconduct, which he denies.
The attacks came as came as Ecuadorian president Rafael Correa warned the UK that attempting to enter his country's embassy in London, where Assange has been holed up since mid-June, would be an act of diplomatic suicide.
"I think it would be suicidal for the United Kingdom. After that, the diplomatic premises of [the UK] in other territories could be violated all over the world,” Correa said on Ecuadorian state television.
Downing Street said it is committed to seeking a diplomatic solution with Ecuador, but foreign secretary William Hague said the UK is obliged to extradite Assange to Sweden.
Assange applied for and was granted asylum by Ecuador because he fears subsequent extradition to the United States if he travels to Sweden to contest the allegations of sexual misconduct.
Read more about Julian Assange
Anonymous has vowed to keep up the pressure on the UK by continuing to attack government websites.
The group first came to prominence through its online attacks in support of Assange in December 2010, after WikiLeaks published thousands of US diplomatic cables.
Anonymous targeted finance websites including Visa and PayPal after they severed links with WikiLeaks, cutting its main funding pipelines.
This week’s attacks on government websites highlight how DDoS attacks are increasingly being used by hacktivist groups to retaliate and express frustrations, said Ash Patel, country manager for UK & Ireland of security firm Stonesoft.
“The attacks demonstrate the gap in the understanding around how to deal with such attacks; organisations should be using multiple internet connections from different ISPs, together with compressive IPS technologies, to mitigate DDoS attacks, and clustered high availability servers, which will make it harder for hackers to succeed,” Patel said.
He said it is imperative the government brings together the major telecoms companies and tier-one ISPs to discuss ways they can jointly deal with this DDoS problem at a telecoms level.
Read more about DDoS attacks
However, Patel said DDoS attacks are just one method used against the UK government in recent months.
"Consequently, they should ensure that they take a more stringent approach to their cyber security. For example, a layered approach is an effective measure and can mitigate other attacks in the future,” said Patel.
Darren Anstee, solutions architect team lead at Arbor Networks, said it was important organisations take best-practice steps to ensure they are adequately protected if they become the target of a DDoS attack.
“Organisations should minimise their threat surface as much as possible using their network infrastructure to control the traffic reaching their service infrastructure, and they should ensure that they have well documented, and tested, incident handling processes,” Anstee said.
The recent attacks during the federal elections in Mexico highlight how being prepared can protect an organisation from the impact of a DDoS attack, said Anstee.
The Mexican Federal Electoral Institute prepared in advance to deal with DDoS attacks, and was able to defend itself against repeated attack.