DDoS Attack Causes Brief ‘Disruptions’ for Alabama Government Websites; What Was The Motive?

A cyberattack on Alabama government agencies caused brief “disruptions” for official websites last week. State officials worked throughout the day to restore services and take control of the government websites, a spokesperson for Alabama’s Office of Information Technology told CNN. The attack was a “distributed denial of service” or DDoS attack. However, the governor’s office mentioned that the state agencies were mostly unaffected.

What is a DDOS attack?

In a denial-of-service attack, cybercriminals attempt to make a service or network of websites unavailable to users by temporarily or indefinitely disrupting the services of the host network. In this, the attacker floods a server with bogus internet traffic which causes the target websites to slow down or not function entirely. In the case of the Alabama cyberattack, the hackers flooded the government websites with phony traffic in an attempt to knock them offline. Cybersecurity expert and partner at Coastal Information Security, Gerald Auger said the attacks were effective in disrupting services but not sophisticated.

Impact of the attack

According to Alabama spokesperson, Jeremy Ward the disruptions were initially widespread across the state services but they diminished over time, as officials worked with vendors to solve the issue, CNN reported. Furthermore, according to the office of Republican Gov. Kay Ivey, the government networks were not breached and no data was stolen in the cyberattack.

“There was no breach, and the state’s computers and information have not been accessed,” Ivey’s office said in a news release. The Alabama OIT and the state’s carrier actively worked to mitigate the attack which only caused some state websites to be temporarily slow.

The attack followed a network disruption faced by one of Alabama’s largest cities, Birmingham. The separate computer network affected police work in some areas, earlier this month, AL.com reported.

Purpose of the DDoS attack

A group known as Anonymous Sudan claimed responsibility for the cyberattack on the Alabama government websites on their Telegram account. It had named several government agencies, including the Alabama Law Enforcement Agency, as targets. The group which rose to prominence last year claims itself to be a “hacktivist,” or activist hacking group. The criminal group claims to target organizations for political reasons.

As per CNN, the group wanted to call attention to the situation in Sudan through the Alabama cyberattack. However, it isn't clear how targeting Alabama government websites served that purpose. Furthermore, despite its name, it isn’t clear where the group is based.

Rising cyberattacks on government agencies

According to a Statista report, 2023 was a historic year in terms of the number of data breaches for U.S. government entities. Last year, about 100 cases of private data exposure were reported, up from 74 in 2022. These cases of private data violations affected about 15 million people, the report mentioned. Most recently, US state and local governments have faced several ransomware and other hacking threats. As per estimates from cybersecurity firm Emsisoft, over 2,200 US hospitals, schools, and governments were “directly impacted” by ransomware last year.

While the recent DDoS attack did not cause any damage, such attacks do have the potential to cause disruptions to the local communities that rely on state websites for information.