The National Crime Agency's (NCA) website suffered a slight outage today as a result of a distributed denial of service (DDoS) attack that made it difficult for users to access its public-facing site.
The UK agency, which is equivalent to the FBI in the US, has always presented itself as “an attractive target” for cybercriminals and hackers and is often the target of such attacks. The NCA is so accustomed to being hit with DDoS attacks that it considers them to be “a fact of life.”
A spokesperson for the agency was critical of the tool used by hackers to bring down its website and described DDoS as a “blunt form of attack which takes volume and not skill. It isn't a security breach, and it doesn't affect our operational capability.”
Whereas large corporations and other organisations could lose a substantial amount of business from such an attack, the NCA's website is used primarily to inform citizens about the agency, its operations and how to apply for a position working there. The spokesperson highlighted just how little its public-facing website being going offline means to the agency, saying: “At worst it is a temporary inconvenience to users of our website.”
Though there are a number of DDoS prevention services currently available, the NCA does not wish to waste government funds to ensure that its website is always online. The agency noted that it has “a duty to balance the value of keeping our website accessible with the cost of doing so, especially in the face of a threat which can scale up endlessly.”
This does not mean that the NCA has not implemented security measures to keep its website up and running. In fact the agency explained the power of its current measures saying, “The measures we have in place at present mean that our site is generally up and running again within 30 minutes, and we think that's proportionate.”
Image Credi: Duc Dao / Shutterstock