Internet Archive is still not fully recovered: Here’s how the attack unfolded
A read-only version of the Wayback machine is available for the time-being.
More details have emerged concerning the recent cyberattack against the Internet Archive, which appears to still not be fully recovered.
The archive is now back online, in a preliminary ‘read-only’ capacity whilst it continues to recover. Some services still remain offline, but the Wayback Machine operations have been resumed, although founder Brewster Kahle warned it may be suspended again in the case that it needs “further maintenance.”
The incident came in the form of a Distributed Denial-of-service (DDoS) attack – which involves flooding a site with traffic to overwhelm a server, making it impossible to access. Research from Netscout revealed significant deviation of network traffic to archive.org, which supports the claims of a DDoS attack. Reports suggest there was at least 3 hours and 20 minutes of DDoS activity, and at least three distinct IP addresses used by archive.org received DDoS traffic.
Cautiously back online
In this specific case, the attack used two attack vectors: TCP reset floods and HTTPS application layer attacks. The TCP flood will flood a victim with huge numbers of Transmission Control Protocol (TCP) reset packets, which tricks a computer into terminating its connection with others in its network.
In contrast, the HTTPS application layer attack will typically aim to overwhelm servers by targeting the application layer in order to disrupt the normal flow of traffic, rendering normal services unavailable.
By crawling the web, the archive and its 150 staff work to preserve internet pages and provide free access to thousands of books, videos, and audio files. The motive for the attack isn’t clear, but the hack is said to have exposed the data of up to 31 million users.
The compromised data, which is said to include email addresses, screen names, and Bcrypt passwords, could leave users exposed and at risk of threat actors using their information for nefarious purposes.
More from TechRadar Pro
Check out our pick of the best identity theft protection aroundSomeone needs to save the Internet Archives from the lawyers and I have an ideaWe’ve also rounded up the best malware removal software