wpostServer: http://css.washingtonpost.com/wpost2

Most Read: Politics

Read In

Now Viewing: People from around the country looking at Post Politics section

See what's being read across the country ›

Social Surface: Politics

Federal Eye
Posted at 06:00 AM ET, 01/20/2012

How was the Justice Department Web site attacked?


Josh Mayeux, network defender, works at the Air Force Space Command Network Operations & Security Center, which defends against cyber attacks on Defense Department communications systems, at Peterson Air Force Base, in Colorado Springs. (RICK WILKING - REUTERS)
Hackers successfully crippled the Justice Department’s Web site Thursday, scoring the second significant attack on a major government site in six months and once again prompting questions about the protection of federal Internet properties.

Eye Opener

An apparent denial of service attack, which overloads a site’s servers with requests for access, crippled portions of www.Justice.gov Thursday afternoon. Despite the hours-long outage, Justice and White House officials initially said they unaware of the attack.

By late Thursday, DOJ admitted its site was experiencing “a significant increase in activity, resulting in a degradation in service,” and officials said they would treat the situation “as a malicious act until we can fully identify the root cause of the disruption.”

A loosely affiliated group of hackers known as Anonymous said the attack was in response to DOJ’s decision to shut down Megaupload.com on charges that the popular Web site illegally shared movies, television shows and e-books. Several of the site’s executives were indicted and arrested Thursday by the FBI.

In July, another hacker group, LulzSec, claimed responsibility for taking down the CIA’s Web site for about two hours. Days later, Anonymous celebrated a successful denial of service attack on MasterCard’s site.

Hackers also used about 60,000 compromised computers around the world with varying success in 2009 to target sites for the White House, the Department of Homeland Security, the Defense Department and the Federal Aviation Administration.

The U.S. Computer Emergency Readiness Team, a component of DHS, is responsible for monitoring major cybersecurity threats for the federal government and the private sector, but each federal agency is responsible for its own information technology security — leading to a disparate, unorganized system of protocols and protections that costs taxpayers billions of dollars annually.

A December government report found that 56 federal agencies own at least 1,489 .gov domains and operate thousands of individual sites. Agencies reported using at least 150 different systems to create and publish Web sites and 250 different Web hosting providers. Most decisions on how to publish sites are made by mid-level agency officials, the report said. The report, requested by the White House, was meant to provide the first government-wide inventory of federal Web holdings.

Though the federal government has systems in place to protect against significant, widespread cybersecurity attacks, every agency must fend for itself against the kind of attack that occurred Thursday. Is that a good thing? Or a recipe for disaster? The comments section awaits your thoughts.

Follow Ed O’Keefe on Twitter: @edatpost

Further reading:

How many .gov sites exist? Thousands.

Federal indictment claims Megaupload.com shared pirated material

For more, visit PostPolitics and The Fed Page.

Gloves come off in final South Carolina debate

The Fix: S.C. Debate’s winners and losers

Fact Checker: 15 dubious debate statements

Senate delays vote on anti-piracy bill PIPA

Marianne Gingrich, Newt’s ex-wife, says he wanted an ‘open marriage’

By  |  06:00 AM ET, 01/20/2012

Categories:  Eye Opener, Agencies and Departments

 
Read what others are saying
     

    © 2011 The Washington Post Company