Shielding Federal Sites From Denial of Service Attacks Would Cost Money: Expert

July 2, 2015 Updated: July 1, 2015

OTTAWA—The federal government could stop cyber-meddlers from taking down its websites—but that would cost money, a computer-security expert says.

The Canadian Security Intelligence Service site was the latest federal webpage to succumb to a denial-of-service attack and go offline.

Two weeks ago the online Anonymous collective claimed responsibility for a digital assault that temporarily shut down several federal sites and wreaked havoc with email.

It’s relatively easy to bombard a web address with virtual traffic and paralyze it, said David Skillicorn, a professor of computing at Queen’s University in Kingston, Ont.

“Denial-of-service attacks are not particularly serious in the grand scale of things. It’s more or less akin to having a bunch of your friends hang around the door of a 7-11 and stop people going in.”

Webmasters can defend against such attacks but it means investing in means of diverting traffic that would otherwise cripple the site, Skillicorn said Tuesday in an interview.

“It’s a matter of priorities and cost-effectiveness of the defence,” he said.

“They could either say, ‘Yeah, we’re going to upgrade so that we’re not embarrassed by these things.’ Or they could say, ‘Look at how we’re saving taxpayer money at the expense of an occasional annoyance.’

“You can make either of those cases. I think the unfortunate thing is there’s nobody with the voice to make either of them clearly.”
Dave Adamson, the acting chief federal information officer, referred inquiries about the CSIS crash to media relations officials.

Treasury Board spokesman Michael Gosselin had no immediate comment.