UK's SOCA website taken offline in DDoS attack

Summary:The UK's Serious Organised Crime Agency was pulled on Wednesday after a DDoS attack. Nobody has yet claimed responsibility for the attack.

The UK's Serious Organised Crime Agency (SOCA), dubbed the 'British FBI', pulled its website offline after a distributed denial-of-service attack.

The soca.gov.uk site has been offline since 10 p.m. on Wednesday.

Last week, SOCA announced it had recovered more than 2.5 million threads of personal data and arrested two people in connection with a stolen credit card ring.

Such DDoS attacks are not "hacks," due to the fact the law enforcement agency's network was not breached nor was any data stolen. It is common practice for critical services to run away from a company's website infrastructure to reduce the harm from an intrusion.

"Soca's website contains only publicly available information and does not provide access to operational material," the agency said.

Launching or being involved in DDoS attacks is a misappropriation of a digital item, and is punishable with 10 years in the slammer under the Computer Misuse Act.

A spokesperson said the attack did "not pose any security risk to the organisation," and that the attack only caused "temporary inconvenience to website visitors".

The reason SOCA pulled the plug on its site was in part to spare the taxpayer.

"Soca does not consider it to be a proportionate response, or a responsible use of taxpayers' money, to maintain excessive bandwidth on the off-chance of a DDoS attack on a public-facing website."

As a UK taxpayer, it's somewhat refreshing to hear a government department actively taking efforts to reduce its costs, even if it was forced to do so by a bunch of basement-dwelling cyber-hackers.

A SOCA spokesperson declined to comment on who may have been behind the denial-of-service assault.

Social networks speculate Anonymous may have been behind the attack, known Twitter handles for the hacking collective has not made any statement or reference to the cyber-attack.

Hacktivist group LulzSec had previously forced the website offline using similar tactics. The group fell apart after 50 days of high-profile hacks and data leaks, and its members subsequently arrested.

SOCA has come under fire in recent months after it shut down a U.S. domain name, seemingly outside of its jurisdictional reach. It was criticised for using scare tactics on ordinary citizens claiming it "has the capability to monitor" the Internet.

Speaking to the BBC, Trend Micro security expert Rik Ferguson said there would be "little" brand damage to the UK crime agency as a result of such attacks.

"The sensible person doesn't walk around in a beekeeper's outfit to keep the wasps away from their ice cream in summer," he said, justifying SOCA's move to pull its site off the Web.

Related:

Topics: Browser, Security, Software Development

About

Zack Whittaker writes for ZDNet, CNET, and CBS News. He is based in New York City.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.