A days-long cyber-attack against the District government has sent city officials scrambling to plug any security flaws that could leave DC.gov exposed to hackers, even as computer experts said it would have been difficult for Washington to protect itself in advance. “We continue to monitor our infrastructure for any denial of service attacks and to mitigate their impact. We will pursue all options available to reduce the impact from future events of this type,” mayoral spokesman Pedro Ribeiro said. “We have gained valuable lessons from the response activities associated with this event.”
Late Wednesday night, District officials “detected an attempted intrusion into its technology infrastructure,” an internal city email obtained by The Washington Examiner showed.
By Thursday morning, hackers had unleashed a larger distributed denial of service attack, using “bots” to overload the District’s Web servers and effectively render them useless. The attack continued beyond Thursday, though, with the hackers striking DC.gov again late Sunday. The repeated assaults were not, however, disrupting any vital city services, District officials said.
One computer security expert said that, although such tactics are rudimentary, they carry significant consequences.
“It’s not necessarily the most complex attack to engage in from an attacker perspective, but from a victim perspective, it’s devastating,” said Dave Marcus, the director of security research for anti-virus software maker McAfee Labs. “This type of attack is just exceptionally difficult to really protect yourself against.”
Although District officials have declined to elaborate about their response to the attack, Marcus said the city is likely reviewing forensic evidence that would help experts track down the culprits and repair any computer system weaknesses.
The Underground Nazi hacker collective — more commonly known as UGNazi — claimed responsibility for the episode, as well as separate cyber-attacks against Nasdaq and the New York City government.
“We attacked DC.gov because we do not like the way the government addresses the Internet. They act as if we have no input whatsoever, and they will pay for that,” a hacker who identified himself as “Cosmo” wrote in an email to The Examiner. “There will be many more attacks launched against D.C. and other government websites.”
In a separate message on Friday, Cosmo warned Thursday’s attack was “just the start of our whole plot against D.C. gov[ernment].”
Marcus said it’s unlikely the group is bluffing about its plans.
“I think there’s more than a decent chance they’ll strike again, especially if they feel they’ve had a level of success, gotten their message out there and are not seeing any short-term ramifications for their behavior,” Marcus said.
A spokeswoman for the FBI said the agency was aware of the hacking episode and will “take further investigative steps as warranted.”
