Earlier this week, the Maine.gov website was taken offline for numerous hours, up until around 13.30GMT on Tuesday, in what was thought to be a one-off attack. However, in the hours that followed, other state websites, like Colorado, Virginia, Georgia, Alabama, Oregon and Nebraska, were also seemingly DDoSed, while Maine.gov went offline again on Wednesday. There was, oddly, one UK site attacked too, scottisharchitects.co.uk.
Maine.gov eventually released a statement on the DoS attack on Thursday saying: “The state of Maine's web portal continues to be affected by attempts to overwhelm the service with artificial web traffic. Technicians with the Information Resource of Maine (InforME) and Office of Information Technology (OIT) have worked aggressively to mitigate the inconvenience caused by the attack on Maine.gov. The site remains online at this time, but users may experience slowness or notice other performance issues as the attack continues.
“Today marks the third day Maine.gov has been target by a denial-of-service (DoS) attack. A DoS attack seeks to make a service unavailable to users by overloading the servers that host it with artificial traffic.”
A spokesperson added: “It's unfortunate that an individual or a handful of individuals would choose to disrupt public services for no other reason than their own amusement. While some in the online community consider DoS attacks a form of protest, they are a crime. Accordingly, InforME and OIT have been in contact with law enforcement.
“Despite online claims to the contrary, we currently have no evidence to suggest that any personal information connected with the Maine.gov portal has been compromised.
“OIT and InforME will continue to work towards fixing this issue and hope to return Maine.gov to full capacity as soon as possible. We regret any inconvenience this may have caused.”
The group claiming responsibility for this attack, and others, is ‘Vikingdom2015', which appears to have been named after a low-budget Malaysia/American film with a cult following. The group made numerous claims online on its Twitter account, prior to it being suspended on Thursday. But later that day they returned under the name ‘TheVikingdom2015'.
Speaking to SCMagazineUK.com earlier this week, a member of the group said that it has 16 members, although once had 22, adding that layer 4 DDoS attacks were the preferred method of attack. The group, which only appears to have been active since March 16 with attacks a daily occurrence since, claimed responsibility for attacks against the various US state websites, as well as commercial sites Go.com, Seaworld.com and Twitch.com, the gaming TV service bought by Amazon for £600 million.
The group was previously operating and communicating on Facebook but switched to Twitter when a rival hacking group, ‘ClownSec', took their accounts offline. One of its members, BitCoin Baron, was apparently kicked out for his/her role in that incident.
The team member confirmed that – contrary to some rumours – that they were not motivated by a political cause. “We knock sites down for fun,” the member said.
He/she confirmed the use of a botnet in the attacks, and that the group was behind the Amazon Twitch attack, before claiming surprisingly that it was the largest DDoS attack in history against Maine.gov.
“It was DDoS. [On] 1/3/2015 we launched the biggest attack ever, peaking at 3.5Tbps. 8/3/2015 power decreased from 3.5TBps to 1Tbps.” However, other hacking groups online have disputed their ability.
Asked on the nature of the attack, the team member added: “They are layer four (DDoS). We are using ESSYN to knock down big sites - [it's a] great method to destroy everything.”
The group said that its goal is “to knock down all sites”, adding that it had tried and failed to take down the official website of the National Security Agency (NSA).