The US Northern Command (USNORTHCOM) website was knocked offline Wednesday – apparently caused by an update to the site. However, some are implying that the outage to the government defense agency could have been caused by a distributed denial-of-service (DDoS) attack.
USNORTHCOM, whose mission statement is to “defend America's homeland,” also commands NORAD, the North American Aerospace Defense Command.
NORAD is responsible for aerospace control and warnings, including maritime warnings for Canada, Alaska, and the continental US.
The outage happened just after 10 a.m. ET.
The command posted a message on Twitter acknowledging the outage after comments about the site being down started to roll in on the messaging platform.
The tweet had been viewed over 90,000 times by Wednesday afternoon.
“We are aware of our current website issues and are actively working to address them,” @USNorthernCmd said.
The Department of Defense (DoD) affiliated agency asked for patience as it worked to resolve the issues, urging concerned followers to look for the latest updates on social media.
At 12:43 p.m. ET, @USNorthernCmd then pinned a second tweet to the top of its profile page.
“We are aware of the disruption in our website services. No malicious activities are occurring," USNORTHCOM said.
“The American Forces Public Information Management System which hosts our website pushed a code update that is causing the page to load incorrectly. A fix will be forthcoming,” the Command said.
The American Forces Public Information Management System (AFPIMS) is a combination of hardware and software used to manage public-facing DoD websites, according to the US government.
Rumors swirl of premeditated attack
An interesting twist to the story is that one Twitter user posted what appears to be a screenshot from an unknown source claiming that the USNORTHCOM website was under attack.
The Twitter user compared the timestamp from the unsourced screenshot to the timestamp on USNORTHCOM's post by outlining them both in red. Both timestamps occurred at exactly 10:20 a.m.
"Pic of last bread. Also 502 host error. DDoS?" the post inside the screenshot said underneath a link titled "Anonymous."
Under the post it said, "Site under attack. Info shared highly sensitive," ending with the signature "Q."
The claim itself is not that farfetched, as several Russian-linked hacktivist groups have recently declared DDoS campaigns against US critical infrastructure. The hacktivist groups Killnet, UserSec, and Anonymous Sudan have all successfully carried out attacks on several NATO organizations and EU government bodies, as well as Israel’s Prime Minister and its Mossad.
During a DDoS attack, threat actors seek to block a user's ability to access certain internet services by flooding the targeted system with massive fake traffic, essentially preventing the target's website from loading.
Earlier this year, a federal law enforcement agency, the US Marshal Service, also was breached in a sophisticated ransomware attack by pro-Russian hackers. Often times these gangs will run a test attack to see if they have the ability to take down a site before coordinating a larger, more devastating attack at a future date.
By late afternoon Wednesday, Cybernews checked the USNORTHCOM's 'northcom dot mil' website address just before publishing this report and had no problems loading the site.
Besides homeland defense, military and civil missions carried out by USNORTHCOM include border security, humanitarian/disaster relief, wildland firefighting, and COVID-19 response.
Formed in 2002, USNORTHCOM is headquartered at Peterson Space Force Base in Colorado Springs.
Cybernews will follow the story.
Your email address will not be published. Required fields are markedmarked