Lloyds hit with massive DDoS attack by suspected foreign hackers

The Luxembourg government's servers were hit by hackers in a massive DDoS attack that reportedly lasted over 24 hours. The attack, which began on Monday morning (27 February), is believed to have affected over a hundred websites hosted by the government's servers.

According to the Luxembourg Wort, the DDoS attack started at around 9.30am on Monday. An hour after the attack commenced, the Centre des Techniques de l'information de l'Etat (CTIE), the state-owned IT operator, posted on Twitter confirming that it was the victim of a DDoS attack.

According to local reports, attribution was difficult because those investigating the incident believe that the attack may have been launched using botnets. A day after CTIE posted about the attack, it took to Twitter again, thanking "all actors who helped contain this threat", indicating that it may have taken the IT operator a day to mitigate the attack.

Commenting on the attack, Stephanie Weagle, VP, Corero Network Security, told SC Media UK: "The motivations for these attack campaigns are endless – financial, political, nation-state, extortion and everything in between."

Pascal Geenens, Radware EMEA security evangelist, said DDoS-for-hire services these days are accessible to anyone.

"Services are available on the Darknet as well as on the Clearnet and for just a couple of Euros one can launch a DDoS attack by a click of the mouse," he said, adding that Mirai was a turning point in such attacks.

"We saw a huge rise in the number of botnets leveraging IoT devices (mostly IP cams and residential routers) and attacks grew in size. A 1Tbps attack should not come as a surprise today, the potential certainly is there."

He added: "The main drive of most cyber-crime is still money, we have witnessed countless cyber-ransoms leveraging DDoS. This attack could be a precursor of a larger RDoS. Attackers typically provide some proof they have the ability to interrupt the service, which is typically followed by a message with a demand for ransom and if the victim does not pay there will be an ultimatum followed by a much larger and longer attack."