Wikipedia DDOS Attack: Wikipedia Hacked, Down for Users Across the Globe
A massive DDOS cyber attack on Friday forced Wikipedia offline in several countries across Europe and in parts of the Middle East.
The website confirmed that it had been hit by a “malicious attack that has taken it offline in several countries,” including Germany, the UK, France, the Netherlands, Israel, Kuwait, and Poland. A spokesperson at Wikimedia Foundation said in a statement on Friday, “The attack is ongoing and our Site Reliability Engineering team is working hard to stop it and restore access to the site.”
The website initially went offline Friday evening CEST, and remained offline until just before midnight when it reappeared, before going offline again early Saturday morning.
Wikipedia has long been a favorite target for online vandalism and hoaxes, but this is believed to be the first time it has suffered a major cyberattack that succeeded in taking it offline.
The effects of this attack were widespread, lasting for at least nine hours and affecting millions of people. In some areas, the outage was initially believed to be government censorship, a possibility not without precedent, as the website has been blocked in China and Turkey.
In this case, however, responsibility for the attack was claimed via Twitter by a previously unknown cybercriminal or cybercriminal group called “UKDrillas.” Though neither Wikipedia nor any government or law enforcement agency has confirmed that this individual/group was behind the attack, their tweets during the attack were consistent with its method and timeline. The Twitter account was banned sometime on Saturday.
A DDOS (distributed denial of service) attack is an attack in which a website is rendered unavailable to its intended users due to an overwhelming number of requests from a network of infected computers, causing its servers to crash. These types of attacks are extremely powerful and damaging and have been on the rise in recent years. As this Wikipedia hack shows, it is important for all organizations to have a proper plan and system in place to defend against these types of attacks. The outages caused by a DDOS can have devastating effects.
If the tweets from the UKDrillas account are to be believed, this Wikipedia DDOS attack could represent a new type of DDOS attack, which uses IoT devices rather than personal computers to overload the victim’s network.
In the wake of the Wikipedia DDOS attack, Craig Newmark Philanthropies committed a $2.5 million donation to the Wikimedia Foundation, “to ensure the security of Wikipedia, as well as the organization’s other sites and global community of volunteers,” according to a Wikimedia statement released on Tuesday.
“Wikipedia’s continued success as a top-10 website that has hundreds of millions of users makes it a target for vandalism, hacking, and other cybersecurity threats that harm the free knowledge movement and community,” said John Bennett, Director of Security at the Wikimedia Foundation. “That’s why we are working proactively to combat problems before they arise.”
Wikimedia has pledged to use this donation to grow their security team and utilize more security controls and services.
In recent years, a number of major websites have been taken offline by DDOS attacks: apart from Wikipedia, these include GitHub, Cloudflare, Spamhaus, the BBC, and various large American online banks.
According to Wikimedia representatives, however, the attack that took Wikipedia down is different: it targeted not a private company but a major source of information for people around the world.
“We condemn these sorts of attacks. They’re not just about taking Wikipedia offline. Takedown attacks threaten everyone’s fundamental rights to freely access and share information,” it said. “We in the Wikimedia movement and Foundation are committed to protecting these rights for everyone.”
DDOS Attack Prevention
Wikipedia is the seventh most visited website in the world with 500 million unique monthly visitors. If it’s possible for Wikipedia to be hacked and brought offline, it should be a concern for all companies.
The main reasons for DDOS attacks can be divided into three categories:
- Extortion: The attacker demands money in exchange for stopping the attack
- Retaliation: The attacker targets the website in response to something the site did or said, or out of a personal vendetta
- Misdirection: The attack is intended to distract the website’s security team from other attacks happening elsewhere
A good CDN with DDOS protection is essential for companies to stay protected from DDOS attacks. No matter how good their in-house security team is, organizations should have outside support lined up for a worst-case scenario.
Other important measures to stop a DDOS attack include:
- Awareness: Website owners and security professionals must be aware that any website can fall victim to a DDOS attack. Never believe that your site is too big or too small to be a target.
- Monitoring traffic: Continuous monitoring is essential to protecting websites from DDOS attacks. An application layer DDOS attack, which sends a huge volume of traffic to your servers, can be prevented with careful traffic monitoring.
- Web Application Firewall (WAF): A web application firewall is considered one of the best defenses against the most common types of DDOS attacks. A WAF will allow you to set policies and rules to block malicious IPs, bot signatures, and other signs of DDOS attacks.
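The traffic-monitoring and WAF-rule measures above, as an added example that is not part of the original article: a sliding-window per-client request counter combined with a user-agent signature match, run over constructed log lines. The log format, thresholds, signature strings and addresses are assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Assumed log format (constructed for this example): ip [ISO-8601 time] "request" status "user-agent"
LOG_RE = re.compile(r'(?P<ip>\S+) \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) "(?P<ua>[^"]*)"')
BOT_SIGNATURES = ("python-requests", "curl/")  # sample signatures, not a vetted list

def flag_clients(lines, window_s=10, max_requests=20):
    """Return {ip: set of reasons} for clients that exceed max_requests within
    window_s seconds ("rate") or whose user-agent matches a signature."""
    recent = defaultdict(deque)   # ip -> request timestamps still inside the window
    flagged = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue              # malformed lines are skipped, not fatal
        ip, ua = m["ip"], m["ua"].lower()
        ts = datetime.fromisoformat(m["ts"]).timestamp()
        if any(sig in ua for sig in BOT_SIGNATURES):
            flagged[ip].add("bot-signature")
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window_s:   # drop requests that slid out of the window
            q.popleft()
        if len(q) > max_requests:
            flagged[ip].add("rate")
    return dict(flagged)

def sample_log():
    """Constructed sample: a normal reader, a flooding client, a scripted client.
    Each client's lines are in time order, as they would be in a real log."""
    fmt = '{ip} [2024-01-01T12:00:{s:02d}+00:00] "GET /wiki/Main_Page HTTP/1.1" 200 "{ua}"'
    browser = "Mozilla/5.0 (X11; Linux x86_64)"
    lines = [fmt.format(ip="198.51.100.7", s=s, ua=browser) for s in range(0, 50, 10)]
    lines += [fmt.format(ip="203.0.113.9", s=i // 10, ua=browser) for i in range(40)]
    lines.append(fmt.format(ip="192.0.2.44", s=30, ua="python-requests/2.31"))
    lines.append("garbled line with no fields")
    return lines

if __name__ == "__main__":
    for ip, reasons in flag_clients(sample_log()).items():
        print(ip, sorted(reasons))   # candidates for a WAF block or rate-limit rule
```

The flagged addresses are what a WAF block or rate-limit rule would take as input; the normal reader at one request every ten seconds stays below the threshold.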