In the wake of the CAO attack last month and as Gardai are still investigating the attack it has been uncovered that the Gardai’s own website http://www.garda.ie is currently vulnerable to an attack.

A Senior Security Consultant at Security firm Secured.IE was quoted as saying “without proper security controls in place, such as rate limiting and account lockouts leaves the administration of the website open to brute force attacks”.

“The irony is, that while the Gardai are investigating the attacks on the CAO, their own website is probably just as, if not more, vulnerable” commented another security expert.

In the event of the website being breached there can be many ramifications, the site could end up being defaced and hosting malware which in turn could end up compromising the security of all the computers that log on to see what’s after  happening which would no doubt include other government computers.

Hackers pose a significant security risk to any website. While no domain, website or network is absolutely immune to attacks, a few simple steps can ensure that you mitigate the risks associated with most types of attacks. The majority of attackers will be deterred by strong security measures and are far less likely to spend the extra time required to hack a secure website.

When operating a high profile website such as the Garda website or in fact any website a number of key procedures must be put in place:

• Ensure that access to the administration console is completely locked down to authorised IP addresses
• Regularly monitor the website access logs to look out for unusual or abnormal behavior
• Keep the web server up to date with all security patches
• Make sure that all processes are locked down and accessible only by those authorised.
• Always use strong passwords which contain uppercase/lowercase/numbers/special characters and should ideally be 10 characters or more
• Make sure file permissions are correctly set
• Use ftps instead of ftp for more secure connections
• Always connect to your web-server from a secure location, ie. not an internet cafe
• Use Key based authentication in addition to passwords
• Never use shared login credentials

Gardai have been handed over logs and other evidence to investigate the recent attacks on the CAO website which has caused chaos for students this week.  The website was attacked just 10 minutes after the release of first round offers on the site at 6am Monday morning. The site was subsequently attacked on Wednesday by manipulating the forgotten password link which reissued new passwords to 22,000 students.

Denial of Service attacks  can be difficult but not impossible to pinpoint. Usually these attacks are perpetrated by criminal gangs looking to extort money from online websites such as bookies. The attack on the CAO however was purely to cause havoc.

Depending on the severity of the attack on Monday some simple security protocols in place may have averted the whole disaster. According to a leading IT Security firm allowing passwords to be sent out by simply inputting a CAO number would be considered ridiculous for such a high profile website and the CAO really needs to look into better coding practices on it’s website.

Thousands of students have faced massive disruption due to these recent attacks.

Eircom have announced that they will invest €20 million in a new high speed broadband network initially as a trial to see how it might be received by homes and businesses.

The trial will equip 10,000 homes and businesses in Sandyford Dublin and Wexford town with high speed fiber connections and is due to get started at some stage early next year.

Only 10-15 years ago achieving a 56K connection to the Internet would have been considered a great feat. Eircom have come a long way in the area of broadband services.

However, it may be somewhat irresponsible of Eircom to supply these ultra fast 150mb/s connections to homes and businesses without first ensuring that adequate security is in place. Connections as fast as 150mbs would be prime targets for hackers and other unscrupulous individuals who could use them to launch DoS attacks, host and transfer illegal material, hacking and other illegal activities.