Support from readers like you keeps The Journal open.
You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.
If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.
Prayer service to be held in Clare for mother and children killed in Fermanagh shooting
Thailand and Cambodia agree to peace talks after Trump intervention as shelling continues
8 priests respond to Reek Sunday callout as some opt for earlier climb due to All-Ireland clash
A number of government sites like the Oireachtas and the Department of Justice were offline because of a DDoS attack yesterday. Mark Stedman/RollingNews.ie
Hacking
DDoS attacks brought down lottery and government sites, but what are they?
It was the reason why a number of high-profile Irish sites were forced offline, but how much of a problem can they be?
The type of attack, Distributed Denial-of-Service (DDoS), isn’t new but the frequency in which they’re appearing is increasing. It’s the most common type of attack because of how easy it is to complete, but how much of an impact can they really have?
What exactly is a DDoS attack?
In basic terms, a DDoS attack overwhelms a site or service with traffic, causing it to slow down or go offline.
Such attacks have been carried out for as long as the internet existed, but the ease of which you can perform one – either by having the required skills or enough money to pay for an attack, provided you know where to look – makes one easy to carry out.
A good way to think about it is if you were to liken a site to a train. While they’re designed to handle both normal and rush-hour crowds, a DDoS attack sends a large crowd continuously pouring in without warning. If it becomes too much, it prevents the train from moving and stops people from traveling.
How it does this is through a process called a botnet. This is when computers and devices connected to the internet contribute to an attack, without the owners’ knowledge.
As part of the attack, these computers are infected by malware or a virus giving an attacker control of it. The owners of these computers are unaware this has happened, the most they will notice is slowdown or crashing.
Those controlling these computers, which can easily be a few computers or a hundreds of thousands depending on the attacker’s proficiency, can be used to target a site or service. Even if the attack doesn’t succeed, the source behind it is next to impossible to track down thanks to the number of devices used.
Sometimes botnets are referred to as a zombie army in that those computers affected have no control over what they’re doing, mindlessly sending traffic to the one target while it tries to defend itself.
There are a few reasons but usually boil down to two big ones: activism and extortion.
In the case of activism, the founder of security consultancy BH Consulting, Brian Honan, explained that this could be done by targeting a large or prominent service, and using the attention to highlight a message.
Advertisement
“It can be used as a tool to promote your messages so they’re normally followed up,” he says. “[The group] claiming responsibility for the attack and why they’ve done it”.
Extortion usually happens by a group threatening a DDoS attack unless a fee is paid. For most commercial sites, downtime can have an adverse effect on day-to-day business and can result in lost revenue. An attacker can target a site, tell them to give them money or suffer a DDoS attack, and carry it out until they pay it or figure out a way to counter it.
The cybersecurity services expert for Grant Thornton, Mike Harris, says such attacks are “making a comeback” compared to a few years ago.
“There are websites … [where] you can buy time and bandwidth and you can point it [towards a target],” he says. “It’s very straightforward to do with very little expertise”.
How big a concern are they?
They’re noticeable depending on the target but not at the same level as other cyberattacks that result in personal data being stolen. Honan says such attacks have been happening for a while , it’s just that they’re more noticeable now since the internet plays a major role in our lives.
“DDoS attacks are nothing new, they’ve been going around for decades”, says Honan. “What’s happening now is because we have more systems online and in a way, we’re more dependent on them, these attacks are becoming more visible”.
Yet the bigger problem is there being more devices starting to connect to the internet. While this was limited to PCs and smartphones, the Internet of Things is now connecting generic items like fridges, thermostats and other household items. While it offers greater functionality, it brings up its own major security issues.
Although it wasn’t an attack, a recent example saw the Nest thermostat deactivate in the US because of a software bug, leaving owners unable to change temperatures and heat up their home. If a bug can cause that much trouble, an attack can do worse.
A software bug caused many Nest thermostats (pictured) to deactivate. Similar issues may occur if they become the victim of a cyberattack.
“There is new technology, new services and new devices that are being created, installed and plugged into the internet with security being an afterthought, without security designed from the very beginning,” says Honan.
There is an onus on companies out there developing applications services and solution that they need to make sure they build in security at the beginning instead of making it an afterthought.
It’s a concern echoed by Harris who says what we could see now are industries, which traditionally never dealt with the internet, having to tailor their devices to cope.
“Industries that haven’t been dealing with security threats that the internet brings are now front and centre of those threats,” says Harris. “They’re not doing the things the IT world has learnt, to varying levels of success, to defend against these attacks, and that’s combined with organised crime working out how to monetise these threats”.
Most organisations prioritise functionality. [They ask] ‘Does it do what it’s supposed to do?’ instead of ‘Does it do things it’s not supposed to do?’
So it’s all doom and gloom, huh?
Not quite. While such attacks are easier to do, defences against them have improved and for every attack you hear about, there are many, many more that failed.
Unsurprisingly, the responsibility falls on companies and site owners themselves to have the necessary protection. It’s easier for larger corporations to fund, but smaller businesses should keep it in mind since such attacks can have a bigger impact on them.
[DDoSs are] not too complicated to conduct,” says Honan. “Likewise if you have the right tools and services in place, they’re easy to defend against too”.
For businesses that are going online, they will need to sit down and look at what services they’re offering online and the potential threats they face and put the right protection in place … The same way you’re opening up a physical office, you need to make sure you have security in place.
Harris offers similar advice for smaller businesses.
“There are things organisations can do [like] have conversations with their ISPs (Internet Service Provider) about what protection they can get,” he says. “Often what you see is organisations won’t do anything until they get hit … and they don’t realise how important their website is to their business.”
Yet a DDoS attack isn’t the be all and end all for anyone, and while they can take sites offline, Harris puts the situation into perspective.
The world hasn’t collapsed. A couple of sites are knocked out. It’s not the end of the world.
Sometimes they are done to divert attention while a more advanced and targeted attack is carried out. Although that’s just speculation, it could just as much as easily be an individual or group who want to cause the government a bit of grief.
The CSO were implicated in the deceipt with eurostat and IW. So this might he a businessman with intentions to buy IW laying down a marker but likely it was Paul Murphy and Gerry Adams. Or so the fella with the two pints talking to Enda told me.
They know that knocking out a website will divert the attention of IT admins and generate a whole load of noise. Same as in the physical world, if you can create a distraction for the people tasked with monitoring security a theft or other criminal act stands a much greater chance of succeeding.
Let me guess, to be blamed on some crazed water protesters. I heard these water protesters operate out of hallowed out hills from the Wicklow mountains where they have several different command centers.
Do you seriously think that someone will go to the effort of trying to hack someone else’s heating system?
And we have strict data privacy laws to stop personal data being exchanged. Not saying it doesn’t happen but it’s not as widespread as you make it out to be. Nice fearmongering though.
While the ‘internet of things’ offers greater control and convenience to users, it also exposes users to greater risk. There could be a coordinated attack on a given geographical region or device – imagine that during a snow storm (as the US is experiencing) a hacker could potentially shut down your heating system. Fridge companies selling your eating habits data to food retailers without your consent or even your living routine data being monitored, reported on and sold to the highest bidder!
I can see the future, good old Denis has bought a software company at a knocked down price. Yes it’s getting clearer, the taxpayer will pay his company millions to develope some software that you could buy over the counter at any computer store then we will Lience this software to good old Denis and co. At an inflated price this software by law will have to be install on all computers in Ireland. It won’t fix any bugs just contuine create another windfall for unnamed investors in another offshore company. Let’s keep the gravy grain going.
Ddos is very simple you’re in a restaurant with 4 staff think of the staff as the backend servers.The system as it operates works fine , now theres 100 people there and for some strange reason they all shout their orders the staff can’t keep up and confusion ensues. The staff get fed up and walk out leaving the people shouting.
The tcp/ip system can usually handle 1000 requests but in a case like buying in tickets for a major concerts like in ticket master this happens normally.
The creepy part is that in order to do the Ddos the hackers have to compromise peoples computers. Your laptop could be part of that operation and you would not know it.
Prayer service to be held in Clare for mother and children killed in Fermanagh shooting
16 mins ago
390
border clashes
Thailand and Cambodia agree to peace talks after Trump intervention as shelling continues
Updated
39 mins ago
3.0k
Croagh Patrick
8 priests respond to Reek Sunday callout as some opt for earlier climb due to All-Ireland clash
17 hrs ago
54.6k
36
Your Cookies. Your Choice.
Cookies help provide our news service while also enabling the advertising needed to fund this work.
We categorise cookies as Necessary, Performance (used to analyse the site performance) and Targeting (used to target advertising which helps us keep this service free).
We and our 214 partners store and access personal data, like browsing data or unique identifiers, on your device. Selecting Accept All enables tracking technologies to support the purposes shown under we and our partners process data to provide. If trackers are disabled, some content and ads you see may not be as relevant to you. You can resurface this menu to change your choices or withdraw consent at any time by clicking the Cookie Preferences link on the bottom of the webpage . Your choices will have effect within our Website. For more details, refer to our Privacy Policy.
We and our vendors process data for the following purposes:
Use precise geolocation data. Actively scan device characteristics for identification. Store and/or access information on a device. Personalised advertising and content, advertising and content measurement, audience research and services development.
Cookies Preference Centre
We process your data to deliver content or advertisements and measure the delivery of such content or advertisements to extract insights about our website. We share this information with our partners on the basis of consent. You may exercise your right to consent, based on a specific purpose below or at a partner level in the link under each purpose. Some vendors may process your data based on their legitimate interests, which does not require your consent. You cannot object to tracking technologies placed to ensure security, prevent fraud, fix errors, or deliver and present advertising and content, and precise geolocation data and active scanning of device characteristics for identification may be used to support this purpose. This exception does not apply to targeted advertising. These choices will be signaled to our vendors participating in the Transparency and Consent Framework. The choices you make regarding the purposes and vendors listed in this notice are saved and stored locally on your device for a maximum duration of 1 year.
Manage Consent Preferences
Necessary Cookies
Always Active
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work.
Social Media Cookies
These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.
Targeting Cookies
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Functional Cookies
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then these services may not function properly.
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not be able to monitor our performance.
Store and/or access information on a device 149 partners can use this purpose
Cookies, device or similar online identifiers (e.g. login-based identifiers, randomly assigned identifiers, network based identifiers) together with other information (e.g. browser type and information, language, screen size, supported technologies etc.) can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here.
Personalised advertising and content, advertising and content measurement, audience research and services development 195 partners can use this purpose
Use limited data to select advertising 158 partners can use this purpose
Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are (or have been) interacting with (for example, to limit the number of times an ad is presented to you).
Create profiles for personalised advertising 119 partners can use this purpose
Information about your activity on this service (such as forms you submit, content you look at) can be stored and combined with other information about you (for example, information from your previous activity on this service and other websites or apps) or similar users. This is then used to build or improve a profile about you (that might include possible interests and personal aspects). Your profile can be used (also later) to present advertising that appears more relevant based on your possible interests by this and other entities.
Use profiles to select personalised advertising 120 partners can use this purpose
Advertising presented to you on this service can be based on your advertising profiles, which can reflect your activity on this service or other websites or apps (like the forms you submit, content you look at), possible interests and personal aspects.
Create profiles to personalise content 51 partners can use this purpose
Information about your activity on this service (for instance, forms you submit, non-advertising content you look at) can be stored and combined with other information about you (such as your previous activity on this service or other websites or apps) or similar users. This is then used to build or improve a profile about you (which might for example include possible interests and personal aspects). Your profile can be used (also later) to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests.
Use profiles to select personalised content 48 partners can use this purpose
Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services (for instance, the forms you submit, content you look at), possible interests and personal aspects. This can for example be used to adapt the order in which content is shown to you, so that it is even easier for you to find (non-advertising) content that matches your interests.
Measure advertising performance 177 partners can use this purpose
Information regarding which advertising is presented to you and how you interact with it can be used to determine how well an advert has worked for you or other users and whether the goals of the advertising were reached. For instance, whether you saw an ad, whether you clicked on it, whether it led you to buy a product or visit a website, etc. This is very helpful to understand the relevance of advertising campaigns.
Measure content performance 78 partners can use this purpose
Information regarding which content is presented to you and how you interact with it can be used to determine whether the (non-advertising) content e.g. reached its intended audience and matched your interests. For instance, whether you read an article, watch a video, listen to a podcast or look at a product description, how long you spent on this service and the web pages you visit etc. This is very helpful to understand the relevance of (non-advertising) content that is shown to you.
Understand audiences through statistics or combinations of data from different sources 111 partners can use this purpose
Reports can be generated based on the combination of data sets (like user profiles, statistics, market research, analytics data) regarding your interactions and those of other users with advertising or (non-advertising) content to identify common characteristics (for instance, to determine which target audiences are more receptive to an ad campaign or to certain contents).
Develop and improve services 116 partners can use this purpose
Information about your activity on this service, such as your interaction with ads or content, can be very helpful to improve products and services and to build new products and services based on user interactions, the type of audience, etc. This specific purpose does not include the development or improvement of user profiles and identifiers.
Use limited data to select content 51 partners can use this purpose
Content presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type, or which content you are (or have been) interacting with (for example, to limit the number of times a video or an article is presented to you).
Use precise geolocation data 65 partners can use this special feature
With your acceptance, your precise location (within a radius of less than 500 metres) may be used in support of the purposes explained in this notice.
Actively scan device characteristics for identification 36 partners can use this special feature
With your acceptance, certain characteristics specific to your device might be requested and used to distinguish it from other devices (such as the installed fonts or plugins, the resolution of your screen) in support of the purposes explained in this notice.
Ensure security, prevent and detect fraud, and fix errors 122 partners can use this special purpose
Always Active
Your data can be used to monitor for and prevent unusual and possibly fraudulent activity (for example, regarding advertising, ad clicks by bots), and ensure systems and processes work properly and securely. It can also be used to correct any problems you, the publisher or the advertiser may encounter in the delivery of content and ads and in your interaction with them.
Deliver and present advertising and content 126 partners can use this special purpose
Always Active
Certain information (like an IP address or device capabilities) is used to ensure the technical compatibility of the content or advertising, and to facilitate the transmission of the content or ad to your device.
Match and combine data from other data sources 94 partners can use this feature
Always Active
Information about your activity on this service may be matched and combined with other information relating to you and originating from various sources (for instance your activity on a separate online service, your use of a loyalty card in-store, or your answers to a survey), in support of the purposes explained in this notice.
Link different devices 67 partners can use this feature
Always Active
In support of the purposes explained in this notice, your device might be considered as likely linked to other devices that belong to you or your household (for instance because you are logged in to the same service on both your phone and your computer, or because you may use the same Internet connection on both devices).
Identify devices based on information transmitted automatically 116 partners can use this feature
Always Active
Your device might be distinguished from other devices based on information it automatically sends when accessing the Internet (for instance, the IP address of your Internet connection or the type of browser you are using) in support of the purposes exposed in this notice.
Save and communicate privacy choices 103 partners can use this special purpose
Always Active
The choices you make regarding the purposes and entities listed in this notice are saved and made available to those entities in the form of digital signals (such as a string of characters). This is necessary in order to enable both this service and those entities to respect such choices.
have your say