Hacktivists have delivered on their promise to take down Brazil’s official World Cup website, effectively disrupting this year’s competition and adding significant weight to their ongoing global threats to use of computers and computer networks to promote political ends,
This is no surprise, according to Incapsula, a cloud-based website security and performance service. Last week, Incapsula Co-founder and Chief Business Officer Marc Gaffan warned the FIFA site was at risk in the wake of two other incidents.
On June 11, feedly announced it was under attack by a distributed denial-of-service (DDoS) attack refusing to pay the ransom demanded. At the same time, Evernote announced it too had been struck by a DDoS attack.
Prepare for the Worst
Gaffan noted today that the attacks on feedly and Evernote, while "important and troubling all on their own," were executed in the same week that Anonymous announced it was prepping a widescale attack on FIFA’s World Cup sponsors. Often before a large attack, hackers engage in preliminary attacks to "flex their muscles," he said, "guaranteeing that when the real strike comes, all resources will be working at their highest capacity."
"Further evidence of this is that some of the official government sites we work with have seen an escalation in DDoS activity in the last week. What we saw with Evernote and feedly was a prelude to the real show.”
Incapsula’s Product Evangelist Igal Zeifman added:
In a time when anyone can Google up a 'botnet for hire' and use it to execute a 20-40Gbps attack, from several thousands sources, no threat can be truly dismissed. The fact that this attack could succeed, even after the early warning, is a great reminder as to why organizations should always re-evaluate their DDoS protection, or risk the consequences."
Bigger, Faster, Stronger Attacks
According to research, DDoS attacks are growing – up 240% in 2014. Incapsula protects tens of thousands of websites from DDoS attacks – and can discuss, in detail, recent large-scale attacks.
We've told you about several potentially serious DDoS attacks recently, including one in which hackers used a novel technique to get thousands of online video viewers to unwittingly bombard a B2B website with junk traffic. Although early bets were on YouTube.com and Xvideos.com, the attack was ultimately traced to Sohu.com, China’s eighth largest website and the 27th most visited website in the world.
Then we explained how hackers can apparently exploit vulnerabilities in Facebook and Google to perform DDoS attacks on target websites.
Brazilian hackers have been threatening since February to disrupt the World Cup with attacks ranging from jamming websites to data theft, adding cyber warfare to the list of challenges for a competition already marred by protests, delays and overspending. Many Brazilians are angry that more than 33 billion reais ($14 billion) in federal funds have been spent on World Cup preparations.
An alleged hacker who identified himself by the nom de guerre of Eduarda Dioratto told Reuters in February, "I don't think there is much they can do to stop us."
Four months later, it appears he was right.