Attackers who disabled the BBC’s online services last week claim to have been ‘just testing’ their capacities ahead of attacking Islamic State targets
Hackers who disabled the BBC’s online services last week and targeted Donald Trump’s presidential campaign website over the weekend have stated that the attacks were “a test” in preparation for actions against Islamic State’s (IS) online operations.
A group calling itself New World Hacking (NWH) said it was responsible for the distributed denial-of-service (DDoS) attack that rendered iPlayer and various websites unavailable for several hours on New Year’s Eve.
‘Only a test’
The group also claimed responsibility for the attack on Trump’s website, which went offline for about an hour on Saturday.
“We strive to take down Isis affiliated websites, also Isis members,” said a spokesperson for NWH in a message sent to the BBC. “The reason we really targeted (the) BBC is because we wanted to see our actual server power. It was only a test, we didn’t exactly plan to take it down for multiple hours.”
Islamic State is also referred to as ISIS or Daesh.
The spokesperson added: “We realise sometimes what we do is not always the right choice, but without cyber hackers… who is there to fight off online terrorists?”
The message was later posted on Twitter by a BBC technology correspondent.
The group said it hit the BBC’s online systems with about 600 gigabits per second of fake requests, which, if confirmed, would be nearly double the volume used in the largest attack to date.
‘Amazon servers used’
The current record holder is an attack that reached 334 Gbps in the middle of last year, according to Arbor Networks. The BBC said it could not verify NWH’s claim.
NWH claimed to have used Amazon Web Services (AWS) servers to launch the attack, according to a report by industry news website ZDNet.
The group reportedly claimed it was able to take control of AWS’ administrative services to remove bandwidth caps on the servers, and then hide the unusual activity with custom scripts.
NWH said it was previously involved in unmasking members of the Ku Klux Klan, reporting accounts associated with Islamic State and stealing credit card data from an unnamed large US retailer, according to the report.
The group is reportedly planning to release a list of its Islamic State online targets on Tuesday.
Are you a security pro? Try our quiz!