Alabama state and city governments grapple with pair of cyber incidents | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

boonchai wedmakawand/Moment RF/Getty Images

Several government agencies in Alabama have been affected by distributed denial of service (DDoS) attacks.


A cyberattack caused intermittent “disruptions” for websites of multiple Alabama government agencies on Wednesday, in an incident that had state officials working throughout the day to defend their networks from hackers, a spokesperson for Alabama’s Office of Information Technology told CNN.

“[W]e understand that the disruptions were initially widespread across state services, and those effects have diminished throughout the day as we have worked with our vendors to counter the denial-of-service attack,” said the spokesperson, Jeremy Ward.

There was no breach of government networks or data stolen in the cyberattack, according to the office of Republican Gov. Kay Ivey, which said the attack began Tuesday afternoon.

It is, however, an example of how hackers half a world away can use rudimentary techniques to send American state and local officials scrambling to defend their computer systems.

The incident came as one of Alabama’s largest cities, Birmingham, dealt with an apparently separate computer network issue that has caused service issues for days.

“A disruption of the city’s computer network” affected transactions involving licensing, taxing and permitting, the City of Birmingham said in a March 6 statement. A week later, there has been no public update from the city. Birmingham’s Office of Public Information did not respond to multiple requests for comment on Wednesday.

Whatever the cause of the network disruption, it has affected police work in some areas, reported on Tuesday, such as checking to see if a vehicle is stolen or if someone has an outstanding warrant. Sergeant LaQuitta Wade, a spokesperson for the Birmingham Police Department, referred questions to Birmingham’s Office of Public Information.

In the case of the cyberattack on Alabama government websites, hackers flooded the sites with phony traffic in an apparent attempt to knock them offline — a common attack method known as distributed denial of service (DDoS).

Gerald Auger, a cybersecurity expert and partner at Coastal Information Security, calls these attacks “effective” at disrupting companies and services, but not sophisticated.

“Think of it like opening the water on a fire hydrant,” Auger told CNN. “You’re only going to have that pressure keeping someone from getting to the fire hydrant as long as you keep it up.”

A nebulous group known as Anonymous Sudan claimed responsibility on their Telegram social media channel for the DDoS attack on Alabama government websites. It named the Alabama Law Enforcement Agency, among other targets. The group emerged last year and bills itself as one of many “hacktivist,” or activist hacking groups, that targets organizations for political reasons.

The group said it wanted to call attention “to the dire situation in Sudan,” but it was not clear how targeting Alabama government websites served that purpose. Despite its name, it’s unclear where the group is based, according to cybersecurity experts.

“We’ve seen waves of attacks against numerous targets, including the State of Alabama,” Richard Hummel, senior threat intelligence manager at cybersecurity firm Netscout, told CNN. The attacks against Alabama government websites typically lasted five to 10 minutes, Hummel said.

State and local governments have been pummeled with ransomware and other hacking threats in recent years, and they are sometimes short on money and personnel to deal with the threats. More than 2,200 US hospitals, schools and governments were “directly impacted” by ransomware last year, according to a tally from cybersecurity firm Emsisoft.

DDoS attacks can also cause disruptions to the local communities that rely on school, hospital and election websites for information, Hummel said.

“No matter the target, these attacks are an ever-present nuisance that cannot be ignored,” he added.


Click Here For The Original Story From This Source.


National Cyber Security