DoS Cyber Attack on a Government Agency in Europe – April 2012 Constantly Changing Attack Vectors


Background

The customer was targeted with a DDoS campaign that lasted five consecutive days. In the days preceding the attack, Anonymous published threats of attacks to European ISPs and government websites. ERT assisted one of the largest European ISP to prepare for this attack. Nevertheless, no direct threat to the customer website was made and this attack was not credited to Anonymous (actually it was not published in the media at all). This attack had several unique characteristics; all of which might infer a different motivation (see more under Attack Motivation)

Attack Vectors

There were three confirmed attack vectors in this attack campaign:

  • Attack Vector I: Empty Connection Flood on TCP/80 4
  • Attack Vector II: FIN-ACK Flood on TCP/80
  • Attack Vector III: HTTP Flood

Additional Information

For additional information regarding the threat, read the full Attack Report. Download Now