Cyber ambush takes IOL offline
Johannesburg - In an unprecedented attack, Independent Newspapers succumbed to a massive cyber ambush by a group identifying itself as Anonymous Africa yesterday morning.
The cyber criminals launched a distributed-denial-of-service (DDOS) attack on the media group’s internet site IOL in revenge for what it believed was the newspaper group’s support for Zimbabwe’s President Robert Mugabe.
Alistair Otter, IOL’s editor, said: “As a news organisation that includes more than a dozen newspapers, as well as online properties, we publish a range of opinions, including some that may not be popular. It is unfortunate that anyone could use this simple principle of media as an excuse for an attack on us.”
On Twitter the group, using the handle @Zim4thewin, posted a warning shortly before 11am: “Please note everyone. Today #IOL will be attacked for ignoring the genocide against the Ndebele people and for supporting a dictator.”
Online visitors were unable to access the site between 11am and 1pm, when services were restored.
Costa Koutakis, the chief client officer at Internet Solutions, which hosts the IOL domain, said the website had not been hacked and the perpetrators did not gain access to sensitive information. But 50 other websites using Internet Solutions’ shared infrastructure were also affected when the technology company shut down certain portals.
“When we found the source we shut down only the site and the rest of the network was available. We were able to establish that it was only destined for the IOL website,” Koutakis said.
The resultant damage could not be easily quantified.
Independent Newspapers staff, including Business Report employees, were unable to access e-mail and internet services for the duration of the attack.
The modus operandi of a DDOS attack is to hijack several computers from which malicious software is issued to control a target and interrupt access. In the case of Independent Newspapers, the perpetrators flooded the site with numerous requests until it could not cope and shut down.
Craig Rosewarne, a director at Wolfpack Information Risk, said many computers in Africa and Third World countries were susceptible to cyber attacks largely because of software piracy. A machine running pirated software often did not have access to security updates and was vulnerable.
He said the recourse for victims was minimal – there was a less than 1 percent chance of tracing the perpetrators, unless a company was prepared to spend handsomely. The best option was to improve security. “The scary thing for South African companies is once the Protection of Personal Information Bill is active, companies will have to disclose breaches.”
He said companies might also have to pay those affected by the breach. - Business Report