Australian gov't calls on experts over DDoS attack

Summary:Security experts from Australia's Department of Defence have been called in to assist agencies that were targeted by an attack on websites including the prime minister's

Security experts from Australia's Department of Defence have been called in to assist federal government agencies that were targeted by a denial-of-service attack on Wednesday night, with sources predicting further attacks.

The Attorney General's Department (AGD) has called in the Defence Signals Directorate's Cyber Security Operations Centre and provided IT security advisors to each of the targeted agencies in Wednesday's attack, according to an AGD spokesperson.

The only website that appears to have been affected by yesterday's distributed denial-of-service (DDOS) attack on government web servers was the site belonging to the Australian prime minister and cabinet. But it was not hacked, according to the spokesperson.

"I can confirm that the prime minister's website was unavailable for a short time shortly after 7pm on 9 September, 2009. Visitors to the site received an error message stating that the service was unavailable," said the spokesperson. "There was no unauthorised access to the website's infrastructure."

A group calling itself 'Anonymous' published its threat to wage cyberwar on the Australian government a month ago on YouTube. It demanded that the government abandon its internet-filtering plans, and threatened to flood government email, fax, phone and internet services if its demand was not met.

Yesterday, AGD said it had referred the threats to the AFP, which was investigating the matter; however, it appears the response to the attacks was led by ISPs. "Agencies are working with their internet service providers to respond to any attacks," the AGD spokesperson said.

Media reports that claimed the Australian Media and Communications Authority (ACMA) was affected were inaccurate, according to the AGD.

The AGD spokesperson did not clarify whether ACMA had chosen to take down its site before the attack, though on Wednesday IT security body the Sans Institute suggested, if possible, switching off a target site before the attack.

Earlier this year, ACMA was subjected to a similar attack, which resulted in its site being shut down for several days as Australian Federal Police investigated the incident.

ZDNet UK's sister site, ZDNet Australia, understands that besides ACMA, the websites of welfare agency, Centrelink, universal health insurer, Medicare and minister for communications Stephen Conroy were also targeted. A spokesperson from Centrelink said its web servers were not affected.

Sans Institute member Mark Hofman, who was monitoring the attacks last night, said the group's only achievement was publicity. "As far as impact goes the net result seems to be zilch," wrote Hofman.

He later added: "It achieved some publicity and managed to make the PM's website unavailable for a few minutes. Otherwise there was no impact."

However, there is now speculation within senior levels of Australia's information security industry that follow-up attacks are expected.

Topics: Security

About

Liam Tung is an Australian business technology journalist living a few too many Swedish miles north of Stockholm for his liking. He gained a bachelors degree in economics and arts (cultural studies) at Sydney's Macquarie University, but hacked (without Norse or malicious code for that matter) his way into a career as an enterprise tech, s... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.