Why in news?

In January, Karnataka’s property registration portal, Kaveri 2.0, faced severe outages, disrupting citizen services. An investigation by the Revenue and E-Governance Departments revealed that the disruption was not due to technical glitches but a deliberate Distributed Denial of Service (DDoS) attack.

The cyberattack on the 2023-launched portal underscores the vulnerability of critical digital infrastructure to cyber threats.

What’s in today’s article?

• About Distributed Denial of Service (DDoS) attack
• Impact of DDoS Attacks on Web Portals
• Ways to Mitigate DDoS Attacks
• DDoS Attack on Kaveri 2.0

About Distributed Denial of Service (DDoS) attack

• DDoS attack is a cyberattack designed to disrupt the normal functioning of a server, service, or network by overwhelming it with excessive internet traffic.
• How It Works
  • Unlike a Denial of Service (DoS) attack, which originates from a single source, a DDoS attack uses multiple compromised systems, often infected with malware, to generate traffic.
  • These systems form a botnet that floods the target with requests.
• Types of DDoS Attacks
  • Bandwidth Saturation: Overloading a site’s bandwidth.
  • Protocol Exploitation: Exploiting vulnerabilities in network protocols.
  • Application Targeting: Attacking weaknesses in specific applications or services.
• Prominent DDoS Attacks
  • Attack on X Platform (August 2024)
    • Elon Musk’s X platform suffered a massive DDoS attack, causing delays and disruptions.
    • The attack occurred just before Musk’s scheduled conversation with Donald Trump, the then Republican presidential candidate, highlighting the risks faced by high-profile platforms.
  • Attack on GitHub (2015)
    • Microsoft-owned GitHub was targeted by a China-based botnet, specifically aiming at two projects that provided tools to bypass Chinese state censorship.
    • The attack leveraged malicious JavaScript injection in visitors' browsers from Baidu’s analytics services.

Impact of DDoS Attacks on Web Portals

• Service Downtime
  • The primary goal of a DDoS attack is to overwhelm a web portal, making it inaccessible to users.
  • This leads to disruptions in operations and potential loss of revenue.
• Distraction for Other Cyberattacks
  • While DDoS attacks do not steal data directly, they can serve as a diversion, allowing hackers to execute data breaches or other cyber threats unnoticed.
• Reputational Damage
  • Frequent DDoS attacks can harm an organization’s credibility, making customers and partners question its ability to secure digital services.

Ways to Mitigate DDoS Attacks

• Advanced Traffic Filtering
  • Organisations use traffic filtering mechanisms to differentiate between legitimate and malicious traffic, preventing overload.
• Continuous Monitoring
  • Monitoring tools help detect unusual traffic patterns early, allowing for pre-emptive actions before an attack escalates.
• Rate Limiting
  • Restricting the number of requests per user within a set time frame helps prevent the system from being overwhelmed.
• Bot Detection Technologies
  • Using CAPTCHAs and behavioural analysis helps identify and block automated bots attempting to exploit the system.
• Strong Authentication & Security Audits
  • Implementing robust authentication, including multi-factor authentication (MFA), along with regular security audits, helps prevent unauthorised access.
• Collaboration with Cybersecurity Agencies
  • This enables better investigation, information sharing, and mitigation strategies to prevent future attacks.
• User Awareness & Protection
  • Educating users on phishing risks, enforcing strong passwords, and promoting security best practices can reduce the risk of account compromises.
• Incident Response Planning
  • A dedicated security team should be in place to monitor, detect, and respond to security threats effectively.

DDoS Attack on Kaveri 2.0

• The Kaveri 2.0 portal, crucial for property registrations, faced performance issues due to fake accounts making database entries, overwhelming the system.
• The attack involved 62 email accounts from 14 IP addresses, indicating a distributed attack.
• Major Attack in January 2025
  • A second wave of the attack saw extremely high traffic, especially for encumbrance certificate (EC) searches, which surged to eight times the usual volume.
  • Within two hours, the portal received 6.2 lakh malicious requests, using random keywords to flood the system.
• Impact
  • The attack crippled the portal, causing a significant drop in property registrations, disrupting citizen services, and exposing cybersecurity vulnerabilities.
• Future of Kaveri 2.0
  • The Kaveri 2.0 portal, severely impacted by the cyberattack, saw significant drops in property registrations on February 1 and 4.
    • However, it was restored on February 5.
  • The attack highlights the need for government agencies and organisations to prioritise cybersecurity and implement robust mitigation strategies to prevent future disruptions.