The way mainstream media is reporting it, you'd think that hackers wrought serious havoc last night. "Prime Minister’s website hacked," screeched The Australian, quoting an AAP report that ran across News Ltd sites. "Rudd website hacked in filter protest," says ABC News. The anti-Scientology group Anonymous has supposedly branched out to fight internet censorship. What really happened? Someone flooded the PM’s public website, and maybe others, with enough traffic to temporarily overload it. That's it. It's called Denial of Service. "A DoS attack is like those rolling power cuts in the height of summer because everyone's turned their air conditioning on and exceeded the system's capacity," explains My Mate Who Cannot Be Identified Because He Does Sekrit Government IT Stuff. "There's a fixed amount of pipe [to the PM’s website], and it’s all being used, admittedly maliciously." As DoS attacks go, this one was a mosquito bite. At the Internet Storm Centre, a global monitoring centre for internet security, duty handler Mark Hofman issued a warning and then monitored proceedings.
Update 1: Well the [attack] started at 7pm on the dot and has been going on for about an hour or so. www.pm.gov.au is being kept busy and over the hour it was unavailable from where I am for a few minutes at best… Once left alone by a few of the attackers the site is again more than happy. As far as impact goes the net result seems to be zilch. Update 2: The attack is over. It achieved some publicity and managed to make the PM’s website unavailable for a few minutes. Otherwise there was no impact.
There was no hack. If the website was really hacked -- that is, if security had been breached -- the entire site would now be offline for forensic examination. However, as an Attorney-General’s Department spokesperson confirmed to Crikey this morning, "There was no unauthorised access to the site’s infrastructure." Following a brief period when some website visitors received a "service unavailable" message, "the site was fully operational again within minutes." One government systems administrator reported seeing traffic coming from around 3200 unique internet addresses, mostly just one hit each. "That’s about US$15 worth of botnet," scoffed MMWCBNBHDSGITS. As Crikey has reported previously, botnets can comprise half a million hacked computers, rented by the hour on the black market. "One government department I know gets three million attacks a day. On the scale where securely-available websites play, you regularly defend and mitigate against attacks that are days and tens or hundreds of megabits per second long. These guys make amateur look bad," says MMWCBNBHDSGITS. The infosec specialist who spoke with ZDNet.com.au would agree. “The whole Anonymous thing is fanciful garbage. As a group it’s not to be taken seriously," they said. It's unlikely the attacker or attackers were the "real" Anonymous, who put together professional-looking websites in Sydney, Adelaide and elsewhere, and who are distancing themselves from last night’s shenanigans. The culprit would appear to be some loose-canon loser with centre-of-attention deficit disorder donning the V for Vendetta Guy Fawkes mask to get that teen-angst adrenalin buzz of stickin' it to The Man. His website, the shambolic Operation Didgeridie, is filled with childish bravado, confused information about the censorship plans, and low-grade advice for would-be cyber-vandals. "Script kiddies", they're called in the infosec trade. They know enough to download other people’s malicious software and make minor changes, but there's no real understanding of internet security. Or of politics. "Such methods and demands suggest little understanding of how political policy is changed in Australia. Acts like this have the potential to unravel the hard work already done by many to try and end this policy," says anti-censorship campaigner Michael Meloni. For once, Senator Stephen Conroy and I agree. He has this morning called the events "juvenile." Conroy's office has described the Anonymous campaign as "completely misinformed and erroneous", repeating the party line that filtering is of Refused Classification material "such as child sexual abuse imagery, bestiality and s-xual violence" -- without mentioning concerns about the other kinds of RC material -- and saying that the filtering trials are expected to be completed "shortly".