The US Congress has just recovered after a three-day-long DDoS attack that has crippled its online portal congress.gov, along with adjacent sites such as the US Library of Congress (loc.gov), and the US Copyright Office (coypright.gov).
The attack started on Sunday evening, July 17, and had initially targeted the Library of Congress website, affecting the same server infrastructure on which the other two websites were also hosted.
Despite initial defensive measures, the attack has slowly escalated in the following days and had continued to cause trouble for government officials and site visitors until five hours before this article's publishing date.
At the time of writing, all three websites are up and running. No other government portals appear to have been affected following a quick inspection.
DDos DNS reflection attack seems to be the cause
A US Library of Congress spokesperson said the DDoS flood involved some kind of "DNS attack."
While not officially confirmed, leveraging our technical expertise, we can presume this was a DNS reflection DDoS attack, one of the most prevalent types of DDoS attacks seen today.
In this attack, a hacker is creating malformed UDP packets, which he sends to a DNS server. This server's setup contains vulnerabilities that multiply and reflect the packets to the target, which in this case seems to have been the Web servers that hosted the three websites.
DDoS attacks are often used to mask more serious intrusions, so let's hope the webmasters of these agencies are also investigating other portions of their network as well.
Unlike many of today's online services, government workers have kept affected users in the loop on the Twitter accounts of all three agencies. We know a few Web hosting providers that could learn from the social media presence of US government workers when it comes to customer support. Below is a list of selected tweets.
The Library's websites are experiencing technical difficulties & we're working to correct them. Sorry for the inconvenience. — Library of Congress (@librarycongress) July 18, 2016