Cyber Incident Victim: Associated Press
Date:
Oct 2023
Location:
United States of America
Summary
The Associated Press news website experienced an outage consistent with a distributed denial-of-service attack, causing intermittent accessibility issues where the homepage loaded but individual article links failed to function properly, displaying errors or blank pages. The disruption lasted approximately one day before being resolved, though the organization's mobile apps and customer delivery systems remained unaffected throughout the incident. A group identifying as Anonymous Sudan claimed responsibility for the attack, posting screenshots of inaccessible news sites as purported evidence, though their involvement was not verified. Cybersecurity analysts noted such claims often exaggerate the scale and impact of short-lived disruptions as part of propaganda efforts. The organization observed periodic traffic surges during the incident but did not confirm the attack's origin.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On October 31, 2023, The Associated Press news website experienced an outage consistent with a distributed denial-of-service (DDoS) attack, a federal criminal act involving data flooding to overwhelm online infrastructure. The disruption began Tuesday afternoon when attempts to access apnews.com loaded the homepage but prevented navigation to individual stories—links either returned blank pages, error messages, or failed entirely. AP’s internal systems for delivering content to customers and its mobile applications remained operational throughout the incident, limiting the impact to the public-facing website. Engineers observed intermittent traffic surges originating from multiple sources, complicating mitigation efforts as addressing one surge resulted in others emerging elsewhere. Nicole Meir, AP’s media relations manager, confirmed the organization was investigating the cause but noted the intermittent nature of the traffic made it difficult to isolate. The outage persisted into the evening but was fully resolved by the morning of November 1, restoring normal access to all site sections without further disruption to AP’s operations or customer services.
Concurrently, the self-proclaimed hacktivist group Anonymous Sudan announced on its Telegram channel on the morning of October 31 its intent to target Western news outlets with DDoS attacks. Following the AP outage, the group posted screenshots of the apnews.com homepage and other news sites, claiming these as evidence of successful disruptions. Cybersecurity analyst Alexander Leslie of Recorded Future characterized the group’s actions as a propaganda tactic, emphasizing that such attacks often cause brief, localized outages exaggerated as significant victories to bolster the perpetrators’ reputation. AP acknowledged Anonymous Sudan’s claims but stated it could not independently verify the group’s involvement in the incident. The organization maintained its focus on restoring service and analyzing traffic patterns without attributing responsibility. No data breaches, system compromises, or additional disruptions beyond the temporary website inaccessibility were reported.