Anonymous Australia has been launching attacks against Australian government websites in a bid to disrupt government services.
Throughout the week, the group has been testing government websites in preparation for distributed denial-of-service (DDoS) attacks, including those belonging to the Australian Federal Police (AFP), the Australian Security Intelligence Organisation (ASIO), the Defence Signals Directorate (DSD), the Computer Emergency Response Team, the Attorney-General's Department and the Australian Crime Commission.
Anonymous has been claiming on its Twitter feed over the past few days that it was able to bring down several sites, including ASIO's. It wrote: "asio.gov.au has been down for some time now, And will be for the rest of the day!" However, the site was back up earlier in the day, and was still up at the time of writing.
ASIO admitted that it has been experiencing some technical difficulties with its site, but stated that any disruption would not represent a risk to its business, since it does not host any classified information on its public website. While DDoS attacks do not require the targeted website to be breached, ASIO declined to comment on whether its systems have remained secure from penetration.
The DSD told ZDNet Australia that it is "aware of recent hacktivist activity directed at the DSD website", but that it has "not experienced any technical issues, and has remained available". It, too, reaffirmed that it does not store any confidential material on its website. This has been proven the past, when the DSD's web server was; the only incident of note was public information that was leaked before its official release date.
Anonymous Australia has stated that it will stop the attacks at 10pm AEST.
Denial-of-service attacks are only effective for as long as the attacker continues sending erroneous requests to the server, overloading the ability of it to respond to legitimate ones. This means that while a site can be "taken down" temporarily, hackers need to continue attacking it to force it to remain down. It also means that attackers will need to acquire more resources, usually by compromising more computers or recruiting more members, if they wish to take down more than one website at a time.