Cyber Incident Victim: Drudge Report
Date:
Dec 2016
Location:
United States of America
Summary
The Drudge Report experienced a significant distributed denial-of-service (DDoS) attack, causing a 90-minute outage described by its founder as the largest since the site's inception. The founder publicly speculated about potential US government involvement, citing suspicious routing and sources allegedly linked to Fort Meade, though no evidence was provided to substantiate these claims. Concurrent social media rumors suggested outages at Russian state-funded outlet RT, though it remained accessible during the incident. Conservative media outlets contextualized the attack amid heightened US-Russia tensions following allegations of Russian election interference and subsequent US sanctions, including diplomatic expulsions. The site, a major traffic referrer to prominent news outlets, resumed normal operations after the disruption.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 20, 2016, the Drudge Report experienced a distributed-denial-of-service (DDoS) attack that caused a 90-minute outage starting around 7 PM EST. Founder Matt Drudge claimed via Twitter that this was the "biggest DDoS attack since [the] site's inception," describing the activity as "very suspicious" due to its routing and timing. He suggested potential US government involvement, specifically referencing Fort Meade—headquarters of US Cyber Command—and alleging the attack originated from "thousands" of untraceable sources. The attack overwhelmed the website's servers with excessive traffic, temporarily preventing user access. During the outage, the site's top headline read "Moscow Mocks Obama 'Lame Duck,'" referencing tensions between the US and Russian governments. Service was restored approximately 90 minutes later without technical details about mitigation efforts. Drudge provided no evidence to substantiate his claims of state-sponsored involvement beyond these public statements.
The incident occurred against heightened geopolitical tensions following President Obama's December 29 announcement of sanctions against Russian entities for alleged interference in the 2016 US presidential election. These sanctions included expelling 35 Russian diplomats and closing two Russian compounds in Maryland and New York. The conservative-leaning Washington Times speculated about potential links between the DDoS incident and US cyber countermeasures against Russia, noting Drudge Report's pro-Trump editorial stance during the election. Concurrent social media rumors suggested outages at Russian state-funded outlet RT, though the outlet remained accessible during the attack. At the time, Drudge Report ranked among America's top referral traffic sources, boasting two million daily unique visitors and approximately 700 million monthly page views according to 2014 metrics. No forensic evidence, attribution conclusions, or official responses from US authorities regarding the attack were documented in available reporting.