The European Commission servers were forced to go offline for hours on Thursday after suffering a series of large-scale distributed denial of service (DDoS) attacks.
The Commission confirmed there was no data breach and also claimed that there was no service interruption but one staff member revealed they couldn’t access the Internet for hours after the attack. It is unclear if Commission’s servers were down due to the attack or if security specialists purposely disconnected them from the Internet to avoid further damage.
In an exclusive conversation with Politico, Commission spokesperson said that,
“No data breach has occurred. The attack has so far been successfully stopped with no interruption of service, although connection speeds have been affected for a time.”
The spokesperson also stated that attacks began around 3 p.m directed at the European Commission’s website and network gateways by sending millions of requests per second blocking Internet access for the staff.
The motive and identity of culprits behind this attack are still unknown however the EU’s cyber emergency response team (CERT-EU) is already conducting a full-scale investigation.
At the time of publishing this article, the European Commission’s website was restored and reachable.
2016 has been a bad year for the Internet. From large scale data breaches to massive DDoS attacks all came one after another. Previously, a security researcher Brian Krebs had his website under cyber attacks with 665 Gbps whilst France-based OVH hosting suffered Internet’s largest ever DDoS attack with 1Tbps traffic. Last month, Dyn, a DNS provider also came under a series of non-stop DDoS attacks forcing Internet giants including Twitter, PayPal, MySpace, Reddit, Spotify, Etsy, Box and Wix websites to stay offline for almost one day.
One thing that was common in aforementioned attacks was the use of Mirai malware where hackers used millions of hacked Internet of Things (IoT) devices using the publicly available Mirai source code for their cyber attacks.