Attack takes Soca crime agency website down

Soca logo The Soca website has been targeted and taken offline in the past

Related Stories

The website of the UK's Serious Organised Crime Agency (Soca) has been taken offline following a cyber-attack.

Soca confirmed to the BBC that soca.gov.uk had suffered a Distributed Denial of Service (DDoS) attack.

A spokesman said the site was taken offline at 22:30 on Wednesday, but that the attack did not "pose a security risk to the organisation".

Soca has recently shut down 36 websites believed to be selling stolen credit card information.

'No security risk'

"We took action to limit the impact on other clients hosted by the [same] service provider," the spokesman said.

"DDoS attacks are a temporary inconvenience to website visitors but do not pose a security risk.

"Soca's website contains only publicly available information and does not provide access to operational material."

Soca would not confirm if it knew the source of the attack or the motive.

A DDoS attack is a common technique in which sites are overloaded with data requests, causing them to fall over.

Last month, Soca was part of a joint effort with the US Federal Bureau of Investigation to shut websites associated with selling stolen financial information.

What is a DDoS attack?

  • A Distributed Denial of Service (DDoS) attack aims to make websites inaccessible
  • The attackers commonly use networks of compromised computers - called a botnet - that they control to launch the attacks
  • By overwhelming the target site with requests, the attackers can ensure that genuine visitors cannot reach the site
  • These requests look like genuine web traffic so can be hard to filter out
  • Typically, such attacks have been aimed at high-profile websites, such as those belonging to government departments, banks and political organisations

Soca said 2.5 million items of compromised data were recovered, preventing a potential fraud estimated at £500m.

Wasps and ice cream

The website has been targeted in the past by members of "hacktivist" group LulzSec. In June 2011, they forced the site offline using similar tactics.

Alleged members of the group were subsequently arrested in connection with the attack.

Security expert Rik Ferguson, from Trend Micro, said that while DDoS attacks could be prevented for many sites, including Soca, the cost may not be justified.

"Is it worth the expense of large-scale DDoS mitigation technologies? Probably not," he said.

"Does it harm the Soca brand to be seen to do nothing or very little to stop these attacks from happening? Again, probably not - Soca are treating the attacks with the contempt they deserve.

"The sensible person doesn't walk around in a beekeeper's outfit to keep the wasps away from their ice cream in summer. The sensible person accepts that wasps are attracted to ice cream and that wasps will always outnumber ice creams."

More on This Story

Related Stories

More Technology stories

RSS

Features & Analysis

BBC Future

(USAF)

Secrets of the aircraft boneyards

The vast storage sites for surplus planes Read more...

Programmes

  • Bitcoin logoClick Watch

    The developer behind the new Bitcoin tech on the fears it will hide criminal activity

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.