Second DDoS attack on SOCA highlights need to be proactive

The UK's Serious Organised Crime Agency (SOCA) has confirmed that its website has suffered another distributed denial-of-service (DDoS) attack.

The UK's Serious Organised Crime Agency (SOCA) has confirmed that its website has suffered another distributed denial-of-service (DDoS) attack.

This is the second time in less than a year that SOCA's website has found itself the target of malicious attackers.

In June 2011, members of LulzSec, a spin off from hacktivist group Anonymous, hit the SOCA website with a DDoS attack, which effectively prevents internet users from reaching it. 

“The latest DDoS attack on SOCA reinforces the need for organisations to take a proactive approach to application performance management," said Owen Cole, vice president for ExtraHop Networks in Europe.

"Not only will this provide real-time visibility into the network, but it allows any potential attacks to be spotted early, minimising damage," he said.

A SOCA spokesman confirmed  the website was taken offline late on Wednesday, but that there was no security risk for the organisation.

SOCA is right to highlight the minimal risk posed by the DDoS attack, but we still have to remember that such an assault is illegal, said Graham Cluley, senior security consultant at security firm Sophos.

"DDoS attacks can cause huge disruption to organisations and their visitors, and can be used to make political points, prevent firms from doing business and even blackmail targeted websites," he said.

Although it is natural to assume that hacktivists such as Anonymous and LulzSec might be responsible, said Cluley, it is equally possible that other cybercriminals are to blame. 

"Whoever is to blame - they may have chosen their victim unwisely, as a DDoS attack can land the perpetrators in jail for up to 10 years," he said.

Rob Cotton, chief executive of NCC Group, said DDoS is the most common type of cyber attack, because they are straightforward to execute.

"It’s estimated that over two-thirds of DDoS attacks are committed either to make an ideological or political statement – so-called ‘hacktivism’, or to commit digital vandalism," he said.

Cotton also pointed out that although DDoS attacks do not pose a risk in terms of data security, their impact can be massive.

"If a commercial site is offline, companies are effectively turning away customers and losing revenue. Reputation for reliability and customer service are also at risk. Any website is susceptible, and an 'it won't happen to me' attitude is extraordinary naïve," he said.

Andrew Kellett, senior security analyst at Ovum, said operating in a state of security compromise is a reality that most organisations are not comfortable admitting to, but is an accurate reflection of how most IT infrastructure functions today.

Ovum research shows that spending on web security over the next three years will grow at a compound annual growth rate of 8%, which is higher than the projections for most other mainstream security areas.

"This is consistent across most mature markets – Western Europe and North American and, at 14%, is predicted to be even higher in the emerging markets of Asia-Pacific, Eastern Europe, Latin America, and the Middle East and Africa," said Kellett.

Web security is seen as a major area of vulnerability, he said: "The high levels of additional spending are necessary to improve quality and safety of services, and to help to ensure that the type of attack suffered by SOCA can be dealt with without having to take the site down.”

Read more on Hackers and cybercrime prevention