NEW YORK — The group that claimed responsibility for taking down the BBC’s global website last week has said the attack was “just the start.”
On Saturday, a group calling itself New World Hacking also claimed responsibility for an attack that downed Republican presidential candidate Donald Trump’s campaign website for about an hour.
The cause of the attack was a massive distributed denial-of-service (DDoS) attack, which relies on pummeling a web server with so much traffic that it crumbles under the weight and stops responding.
DDoS attacks are widely used, and simple to carry out, often by online groups with the aim of bringing down websites for extended periods.
The group targeted the BBC earlier in the week. BBC websites, including its iPlayer on-demand service, suffered downtime for at least three hours on Thursday.
One of the members of the group, who identified himself as Ownz and declined to use his real name, told ZDNet that the attacks on the BBC’s website and Trump’s website were a “test of power” and server strength.
“ISIS is our main target,” said Ownz.
Ownz, a self-described “hacktivist,” sent ZDNet a screenshot of a web interface that was allegedly used to launch the attacks, indicating an assault of up to 602 Gbps, backing up similar claims the group made to the BBC.
We were not able to verify the authenticity of the screenshot, or the alleged size of the attack.
If that attack size is proven true, it would vastly surpass the previous record for largest DDoS attack of 334 Gbps, recorded by Arbor Networks in mid-2015.
Ownz said the size of the attack was possible by using at least two “Amazon servers,” but did not disclose additional details.
Amazon has previously said that Amazon Web Services “employs a number of automated detection and mitigation techniques to prevent the misuse of our services,” with the capability to stop denial-of-service attacks from being launched and to shut down such an attack quickly if one is detected.
“We have our ways of bypassing Amazon,” said Ownz. “The best way to describe it is we tap into a few administrative services that Amazon is use to using. The [sic] simply set our bandwidth limit as unlimited and program our own scripts to hide it.”
Amazon did not respond to a request for comment over the weekend.
Ownz said the group of 12 people, many of whom are based in the US, spent about two weeks programming before they launched the attack on the BBC.
“The main purpose of this benefits unmasking ISIS, stopping the spread, and possibly ending the propaganda,” said Ownz. “We have been taking down ISIS websites in the past… this is just the start of a new year.”
The hacktivist said the group is compiling a list of Islamic State-related targets and plans to release the list Tuesday.
By Zack Whittaker for Zero Day | January 3, 2016 — 18:24 GMT (18:24 GMT)
Full article:
Source: BBC, Trump web attacks “just the start,” says hacktivist group | ZDNet
Linux Security Blog 