House website comes under ‘500M’ attacks in one day

The official website of the House of Representatives was hit by about half a billion cyberattacks on March 13, prompting its leaders to seek help from the Department of Information and Communications Technology (DICT).

Speaking to reporters on Thursday, House Secretary General Reginald Velasco said the chamber had monitored 53.72 million DDoS attacks between 8 a.m. and 9 a.m. on Wednesday.

DDoS stands for distributed denial of service, an attack where the target website is flooded with superfluous requests in order to overload the host and disrupt its services until the site is rendered inaccessible to the public.

The attacks originated from Indonesia, the United States, Colombia, India, and Russia, based on the internet provider or IP addresses, according to Velasco.

At 2:52 p.m. on Wednesday, the website recorded another 487.93 million attacks, this time using IP addresses from Tunisia, Thailand, and Greece, bringing the total to over half a billion attacks in one day, he added.

Sensing ‘destab’

The House official said the one-day barrage might be part of an attempt to “destabilize the institution.”

Velasco said the DICT had been asked to investigate the attacks and “ascertain where they are really coming from if they are local or foreign hackers or a collaboration of both.”

“We must know the reason for these attacks—is it for money or for political reasons?— as (those who did them) may have been contracted to destabilize our institution for whatever purpose,” he said.

In October last year, the House website was also defaced by someone who left a message on the homepage that read: “You’ve been hacked. You’ve been hacked. Have a nice day.”

AI suspected

Arnold de Castro, the House director for information technology, said there remained “no breach” that would compromise the chamber’s private data despite Wednesday’s attacks.

De Castro said the DDoS attacks could mean the perpetrators were “staging an offensive because they couldn’t hack into the network, so they just resorted to disrupting the services.”

READ: DOST asks DICT to probe cyberattacks on news websites

Given the volume of the attacks in such a short period, he said they were probably done with the help of artificial intelligence (AI).

The House is currently looking for a service provider that could help improve its cybersecurity protocols, De Castro said.

Read more...