Cybersecurity

Royal Family Website Downed by DDoS Attack

The official website of the UK’s royal family was taken offline by a distributed denial of service (DDoS) attack on Sunday, according to reports.

The Royal.uk site was unavailable for around 90 minutes, starting at 10am local time, according to The Independent.

It was fully functional again soon after, although Cloudflare checks were in place at the time of writing to ensure that IP addresses looking to access the site are not automated bots. 

Notorious Russian hacktivist group Killnet has reportedly boasted on its Telegram channel of being responsible for the attack, although that has yet to be confirmed.

Oseloka Obiora, CTO of security vendor RiverSafe, argued that all organizations should ensure their security posture is fit for purpose.

“Whether you are a prince or pauper, cyber-criminals are coming for you and this incident is another reminder of the dangers posed by sophisticated online attacks,” he said.

“Moving forward, organizations of all shapes and sizes need to urgently update their cyber defenses, both in terms of skills and software, to prevent malicious hackers from achieving their insidious objectives.”

Read more on DDoS: Russian Hacktivists Overwhelm Spanish Sites With DDoS.

DDoS attacks have become a favorite tool of Russian hacktivists as they look to punish Ukraine’s allies and score geopolitical points.

Last October, Killnet claimed responsibility for a serious of DDoS attacks on the websites of over a dozen US airports. The European Parliament website was forced offline a month later after a similar attack.

In the UK, websites linked to the Bankers Automated Clearing Service (BACS), the London Stock Exchange and the Prince of Wales also came under attack at the time.

However, most were offline only for a short time, giving attackers just a brief shot of publicity.

Russia has also been targeted over the past year by Ukrainian hacktivists and supporters. In January, the country’s largest internet service provider (ISP) said it detected 21.5 million web-based attacks on its 600-odd corporate customers during 2022, most (79%) of which were DDoS attacks.

Of these, the standout was a 760Gb/s DDoS, described by Rostelecom as “a record-breaking DDoS attack in terms of power and duration.”