Cyber Incident Victim: City of Boston
Date: Dec 2015
Location: United States of America
Summary
A cyberattack targeting the City of Boston caused a temporary, widespread internet outage affecting all municipal agencies, including police and fire departments, though emergency response systems remained operational. The incident involved a distributed denial of service attack that overwhelmed servers by flooding them with traffic from compromised computers around the world. Officials characterized the disruption as minor cybervandalism, resolving it within approximately 20 minutes by blocking malicious traffic sources. While motives remained unclear, experts suggested potential reconnaissance for future attacks or symbolic vandalism rather than data theft, noting the difficulty of attribution due to attackers’ use of infected third-party devices. The response was praised for its speed in mitigating the incident.
Description
On December 16, 2015, the City of Boston experienced a distributed denial of service (DDoS) cyberattack that disrupted internet services across all municipal agencies for a brief period. The attack involved hackers manipulating computers globally to flood City Hall’s servers with excessive traffic, overwhelming their web connection capacity. Mayor Martin J. Walsh characterized the outage as “short, but widespread,” confirming that police and fire department internet services were also affected, though emergency response systems remained operational. City Chief Information Officer Jascha Franklin-Hodge described the incident as a “minor act of cybervandalism” and clarified it was unrelated to concurrent threats targeting Los Angeles and New York City. The disruption began during business hours, with attackers exploiting compromised systems to generate malicious traffic directed at Boston’s infrastructure.

City cybersecurity teams detected and neutralized the attack within approximately 20 minutes by identifying and blocking the flood of illegitimate requests to their servers. Franklin-Hodge emphasized the rapid containment, which restored full internet functionality without further operational interruptions. Security experts like Anthony Townsend of Iowa State University noted the response was “sharp” and effective given the timeframe. While no data exfiltration occurred, Townsend suggested potential motives included vandalism, reputation-seeking behavior, or reconnaissance to study Boston’s defensive protocols for future attacks. Anthony Roman of Roman & Associates highlighted broader vulnerabilities, stating municipalities often lag in countering evolving DDoS tactics. The incident underscored the challenges of attributing such attacks, as hackers frequently route traffic through infected third-party devices to obscure their origins. No permanent damage to systems and no data breaches were reported following the restoration of services.
