Government websites taken down by sustained cyber attack

HSE, Justice department and CSO websites among those affected by attack

Government websites have come under a sustained cyber attack.
Government websites have come under a sustained cyber attack.

Government websites have come under a sustained cyber attack, causing massive disruption for citizens and the public service.

Websites of a number of departments and agencies were down on Friday morning, including the HSE, the Central Statistics Office, the Department of Justice, the Courts Service and the Department of Defence.

All appeared to have been restored by about 1pm.

The chief information officer at the HSE confirmed the entire Irish government network experienced an attack known as a distributed denial-of-service (DDOS) attack, by a third party.

READ MORE

“This comprises a massive amount of attempted data connections directed toward our networks - designed to flood the available channels, and disrupt our ability to communicate, and thus, operate,” the office said.

“As a result, access to the internet may be slow, patchy or unavailable. Public access to our internet sites including hse.ie is also affected.

“While email does appear to be getting through, be advised that delays may occur.”

The chief information officer said government networks were working to mitigate the attack, which was “persistent as of 11am”. He apologised for the disruption.

The Central Statistics Office also confirmed its own site was down due to what appeared to be a DDOS attack.

The attacks began late on Thursday night and they follow similar disruption to the boards.ie website and the National Lottery website this week.

Lotto customers were unable to buy tickets for the €12 million jackpot for several hours on Wednesday after the website and ticket machines were brought down by a DDOS attack.

DDOS attacks involve bombarding a website with requests to disrupt its regular traffic.

Information security consultant Brian Honan of BH Consulting said a denial of service attack involved sending so much traffic to a website that legitmate traffic could not get through.

A distributed denial of service attack was the use of multiple sources to bombard a site.

“So instead of having to protect yourself from one source you have got thousands, if not tens of thousands to defend against, so it can be quite difficult.”

One way of accomplishing such an attack involved the cyber-attackers infecting multiple computers and using those to attack their target.

Another was was a so-called ‘reflection’ attack, which involved the manipulation of internet protocols to send traffic to a site.

Mr Honan said there were tools and services available to help protect against DDOS attacks in the first place. The cost involved would depend on the type of organisation and how it needed to protect itself.

“It would be recommended best practice. If you are considered to be a target, the you should have these. If you are a financial organisation, if you are conducting a lot of online business, or you may be subject to activist-motivated attacks, you should have preventative measures in place.”

Paul Hogan, chief technology officer of information security firm Ward Solutions, said some commentary referred to DDOS attacks as creating a “nuisance factor”, and that they did not actually lead to security being compromised.

“However, we have seen in the past DDOS attacks being used as a cyber-smoke-screen to mask a more targeted attack,” he said.

Strategies organisations could adopt to protect themselves included “overprovisioning”, whereby they employed extra bandwidth or network/computing devices which could handle the spikes in traffic and extra demand on resources.

Configuring and tuning servers, firewalls, intrusion-prevention systems and routers could also help stop some of the simpler types of attacks.