The Maharashtra police on Sunday registered an FIR in connection with the Distributed Denial of Service (DDOS) attack on Internet Service Providers (ISPs) in the state. Police said this is the first such FIR to be registered in the country. They also said the attack was still being carried out. Investigators said millions of Internet Protocol (IP) addresses infected with a kind of virus known as a Trojan are being used in the attack.
Small and medium ISPs are being targeted by the DDOS attack, which police said has been carried out on a massive scale since Monday at a speed of 200 gigabytes per second. The Cyber Crime department of the Maharashtra Police is currently working in collaboration with the Indian Computer Emergency Response Team to mitigate the attack and trace the source.
IGP (Cyber Crime) Brijesh Singh said, “An FIR has been filed with the Cyber police station in BKC under sections 43 (F) and 66 of the Information Technology Act. We are investigating.”
ADVERTISEMENT
An officer with the investigating team told The Hindu, “We have been mitigating the attack, blocking all the Internet Protocol (IP) addresses involved as soon as we identify them. The attack, however, still continues. The resources behind the attack have to be considerable. We are trying to trace the location from which the attack is being orchestrated.”
In a DDOS attack, a hacker creates a sudden surge of activity on a server by pinging it with virus-infected IP addresses. Billions of IP addresses infected with Trojans or other malware are available for sale or on rent on the so-called ‘dark net’, which hackers can use for such exploits.
In this case, the miscreants have targeted small and medium ISPs which don’t have the infrastructure to fend off such attacks, crippling the services they offer. The operations of their subscribers, which include commercial entities, have been severely affected.
ADVERTISEMENT
Police said many IP addresses worldwide are infected with Trojans, which find their way into computers through spam mail or advertisements on web pages, and users don’t realise it. The Trojans lie dormant till a hacker needs them to perform a specific function, and they can be programmed to strike together in a consolidated attack.
Between July 17 and July 20, the US Library of Congress came under a similar attack, from which it is still recovering. It’s authorities have turned over key evidence to investigating authorities, a blog on its website said.