Cyber Incident Victim: Premier Lotteries Ireland
Date:
Jan 2016
Location:
Ireland
Summary
A series of distributed denial-of-service (DDoS) attacks targeted multiple Irish public sector entities, including the national lottery operator and government websites, rendering them inaccessible. The attacks followed a pattern initially impacting online discussion forums before expanding to other critical infrastructure. An anonymous individual claimed responsibility, framing the incidents as an unofficial "national cybersecurity audit" to expose security weaknesses and pressure improvements across Irish websites, with threats to extend assaults to news outlets and financial institutions. Authorities confirmed the attacks were criminal acts rather than sanctioned testing. Cybersecurity experts emphasized the disruptive potential of such DDoS events, regardless of motivation, noting their capacity to inflict significant operational damage.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In mid-January 2016, a series of distributed denial-of-service (DDoS) attacks disrupted multiple Irish online services, beginning with the boards.ie discussion forums and Premier Lotteries Ireland (National Lottery) around January 19. The attacks expanded on January 20-22, targeting Irish government and public sector websites, rendering several inaccessible. An individual using a pseudonym contacted media outlets claiming responsibility, framing the attacks as an unsanctioned "national cybersecurity audit" by a security team testing Irish websites' defenses. The attacker stated the goal was to expose inadequate security practices nationally and indicated plans to escalate assaults against news organizations and financial institutions. Authorities and cybersecurity firms confirmed the attacks were criminal acts, not authorized security tests.
The DDoS incidents caused operational disruptions, with government sites knocked offline during peak hours. Corero Network Security verified the malicious DDoS events specifically impacted Irish government infrastructure and public sector web properties. Stephanie Weagle of Corero noted the attacks' motivations remained unclear but emphasized their damaging potential regardless of intent. No specific technical details about attack vectors, durations, or full recovery timelines were disclosed publicly. The Irish government treated the incidents as criminal matters, though no attribution to specific threat actors or subsequent arrests were reported in the immediate aftermath. Service restoration efforts were initiated, but the attacks highlighted vulnerabilities in critical national online services during this concentrated campaign.