Cybersafetyconnections April 8, 2024, vol# 163 

  • According to konbriefing there was a DDoS attack on a parliament in Philippines last month March 2024.This was worse than the previous attack in October 2023. 
  • The parliament’s website and the Filipino people were affected. 
  • Sources of the attacks look to be coordinated attacks from across the globe. 
  • Here is how the parliament in Philippines mitigated loss from the cyber-attack. 

What happened? 

DDoS DNS Cybersakerhet oc.. 

From Congress.govv.ph we have information from the House Secretary General Reginald Velasco that the website of the House of Representatives in the Philippines recently experienced a massive cyberattack. On March 13, the site was targeted an astounding 541.66 million times in an attempt to render it inaccessible. The attack was identified as a Distributed Denial-of-Service (DDoS) attack, which overwhelms a website’s servers with an excessive amount of traffic, effectively disrupting its normal functioning1.  

There was a similar attack last year in October and this attack was reported to be even worse in comparison to last year’s attack. 

Why did this happen? 

Analyzing DDoS attacks 

The motive for the attack was under investigation as well so as to find out if the attack was motivated by political or financial reasons aimed at destabilizing the country. 

Who was impacted? 

 As reported by /www.philstar.com , the House Secretary General Reginald Velasco stated that the intent was to make the website unavailable to users. Therefore, the parliament and the Filipino people were impacted. 

What cybercriminal group was responsible for the DOS attacks? 

The information we have states that a significant 541.66 million attacks were recorded from various countries. Even this information may not be accurate if the cybercriminals used technology (VPN) virtual private network. Investigations are ongoing to determine if the threat actors are external or if there was a collaboration between insiders and external cybercriminal groups. 

How the house mitigated loss from cyberattacks 

Sucuri Vs, Cloudflare 

  • The information and communications Technology Team (ICTS) has effectively blocked and managed the recent DDoS attacks on the Philippine parliamentary website using Cloudflare services.  
  • ICTS promptly displayed an “under maintenance” notice, restarted servers, and resumed normal operations.  
  • The incident was reported to the DICT. Since then, no further attacks have been detected, and the ICTS Team remains vigilant in monitoring internet activity on the website. 
  • The house has urged the DICT to investigate the origins of these DDoS attacks—whether they are local or foreign hackers or a collaborative effort. Understanding the motives behind these attacks is crucial, whether driven by financial gain or political reasons aimed at destabilizing our institution. 
  • The ICTS must maintain heightened vigilance against future attack because the Filipino people rely on the houser website for relevant information, and so it must remain accessible at all times. 
  • We have been reassured that the attacks have been thwarted, and no further malicious activity has been recorded on the website.  
  • The House reassured the public that their commitment to Congress is stronger than any attempts by hackers to compromise our platform. 🇵🇭🌐🔒 

Copilot further suggested these prevention strategies; 

“Certainly! Here are some examples of successful DDoS prevention strategies:” 

  1. Traffic Filtering and Rate-Limiting: 
  1. Shutting Down Unused Services: 
  1. Cloud-Based DDoS Protection: 
  1. Microsoft’s Mitigation of a Massive DDoS Attack: 
  1. GitHub’s Traffic Scrubbing: 

Conclusion 

Remember that DDoS prevention is an ongoing effort, and organizations must stay vigilant, adapt to evolving attack techniques, and employ a combination of strategies to safeguard against these disruptive attacks. 🌐🔒 

Subscribe to get the latest blog post.