The website of the UK’s Serious Organised Crime Agency (SOCA) has been downed by what is starting to look like the most serious cyberattack ever to hit the site.
Reported as having been offline since Wednesday night (2 May), by Thursday morning the site had still not returned as expected, an unusually long blackout for such a high-profile website.
The site has been hit before, notably by alleged LulzSec hacker Ryan Cleary in June 2011, and will have found itself under some form of attack more or less every day since.
What has caused the latest downing is unknown. A DDoS attack is the most likely culprit but these do not usually take hours to deflect. A more serious incursion is starting to look at least possible; the outage is now even longer than that allegedly caused by Cleary.
The value of attacking the site is, of course, only symbolic, a means of drawing attention to the hacker’s cause or simply embarrassing the UK’s most strategic policing organisation, and the very one-handed job of coping with cybercrime.
Only days ago SOCA trumpeted its latest cybercrime coup, taking part in the closing down of 36 websites used by criminals around the world to sell stolen card and bank details.
That came after less triumphant revelations on the alleged hacking exploits of an Irish teen who was able to listen in on a conference call between SOCA officials and the FBI in January, later posting the contents on YouTube.
"Although it's natural to assume that hacktivists such as Anonymous and LulzSec might be responsible [for the SOCA attack], it's equally possible that other cybercriminals are to blame," commented Graham Cluley of security company Sophos.
Whoever is to blame - they may have chosen their victim unwisely, as a DDoS attack can land the perpetrators in jail for up to ten years."