Learn bits
Science & Tech.
Mahesh

17/02/25 16:00 PM IST

DDoS cyberattack that hit Karnataka’s Kaveri 2.0 portal

In News
  • Recently, web-based portal Kaveri 2.0, which streamlines property registrations in Karnataka, faced sporadic, crippling server outages. 
DDoS attack
  • A DDoS attack is a malicious attempt to disrupt the normal functioning of a targeted server, service, or network by overwhelming it with a flood of internet traffic.
  • Unlike a Denial of Service (DoS) attack, which typically involves a single source, a DDoS attack leverages multiple compromised systems, often infected with malware, to generate the traffic.
  • These compromised systems are collectively known as a botnet. Such attacks may be aimed at saturating the bandwidth of a particular site, exploiting weaknesses in the network protocol stack, or targeting specific weaknesses in applications or services. 
  • DDoS attacks can lead to a service downtime, which is the primary goal of a DDoS attack -- to render a service unavailable, leading to a disruption or potential loss of revenue.
  • While DDoS attacks do not directly steal data, they can be used as a distraction while other forms of cyberattacks, such as data breaches, are executed.
  • Organisations that fall victim to DDoS attacks may suffer reputational damage, as customers and partners question their ability to protect against cyber threats.
Kaveri Portal 2.0
  • The Kaveri 2.0 portal, a critical application for property registrations, experienced performance issues in December 2024 and January 2025.
  • Fake accounts were created, and entries were made into the database using these accounts, overwhelming the system.
  • The attack involved 62 email accounts originating from 14 IP addresses, highlighting the distributed nature of the assault.
  • In January 2025, a similar attack occurred, with extremely high traffic observed from citizen-side users for encumbrance certificate (EC) searches, which was eight times more than usual.
  • At one point, the portal received 6.2 lakh requests from malicious users in just two hours, using random keywords to perform searches.
  • This surge in traffic crippled the portal, significantly reducing the number of registrations. 
Mitigating attacks
  • To protect against DDoS attacks, organisations implement advanced traffic filtering mechanisms to distinguish between legitimate and malicious traffic.
  • Monitoring tools can help identify unusual traffic patterns and take pre-emptive actions.
  • Enforcing rate limiting can control the number of requests a user can make in a given time frame, preventing the system from being overwhelmed.
  • Bot detection technologies, such as CAPTCHA challenges and behavioural analysis, can identify and block automated tools or bots.
  • Robust authentication mechanisms and regular security audits can strengthen the security of online services and prevent unauthorised access.
  • Organisations also work closely with cybersecurity agencies to help investigate attacks and identify perpetrators.
  • They share information and collaborate on mitigation strategies to prevent future attacks by developing and implementing an incident response plan. 
  • This will include having a dedicated team to monitor and respond to security incidents.
  • For the user, knowing about the risks of phishing and other social engineering attacks can help prevent account compromises.
  • Companies can encourage the use of strong passwords and multi-factor authentication to enhance security. 
  • These attacks underscore the importance of robust cybersecurity measures to protect against DDoS threats, which can disrupt services, lead to financial losses, and damage the reputation of online platforms.
Source- The Hindu

More Related Current Affairs View All

28 Aug

IADT-1

'Recently, the Indian Space Research Organisation (ISRO) successfully carried out its first Integrated Air Drop Test (IADT-1), a crucial milestone in the preparation for the countr

Read More

28 Aug

H-1B visa changes

'H-1B visa changes 2025: United States Commerce Secretary Howard Lutnick called the popular H-1B visa program a “scam”, saying that American businesses should be focuse

Read More

28 Aug

UGC’s Learning Outcomes-based Curriculum Framework

'Recently, the University Grants Commission (UGC) issued a public notice on its development of a draft Learning Outcomes-based Curriculum Framework (LOCF).' LOCF is intended to

Read More

India’s First Ai-Driven Magazine Generator

Generate Your Custom Current Affairs Magazine using our AI in just 3 steps