Story so far: In January, web-based portal Kaveri 2.0, which streamlines property registrations in Karnataka, faced sporadic, crippling server outages. As a result, property registration and document-related citizen services went almost to a standstill in the state. On investigating the outage, the Revenue Department and E-Governance Department concluded that it was not due to “technical glitches” but a “motivated Distributed Denial of Service (DDoS) attack” on Kaveri 2.0 - a portal launched in 2023 to reform land registration. The sustained cyberattack on the portal, orchestrated by unidentified miscreants, highlights the vulnerability of critical online services to cyber threats.
Following the incident, K. A. Dayananda, Inspector General of Registrations and Commissioner of Stamps (IGR & CS) lodged a complaint with the cyber-crime police. The Cybercrime, Economic offences, Narcotics (CEN) police registered a case under the Information Technology Act, 2000, against the unidentified miscreants.
“The Kaveri 2.0 faced some performance issues during December 2024. Upon analysis and inputs from the Centre for Smart Governance [CSG], it was found that these issues were caused by a malicious DDoS attack using automated tools or bots,” the FIR said.
A DDoS attack is a malicious attempt to disrupt the normal functioning of a targeted server, service, or network by overwhelming it with a flood of internet traffic. Unlike a Denial of Service (DoS) attack, which typically involves a single source, a DDoS attack leverages multiple compromised systems, often infected with malware, to generate the traffic. These compromised systems are collectively known as a botnet. Such attacks may be aimed at saturating the bandwidth of a particular site, exploiting weaknesses in the network protocol stack, or targeting specific weaknesses in applications or services.
DDoS attacks can lead to a service downtime, which is the primary goal of a DDoS attack -- to render a service unavailable, leading to a disruption or potential loss of revenue. While DDoS attacks do not directly steal data, they can be used as a distraction while other forms of cyberattacks, such as data breaches, are executed. Organisations that fall victim to DDoS attacks may suffer reputational damage, as customers and partners question their ability to protect against cyber threats.
The Kaveri 2.0 portal, a critical application for property registrations, experienced performance issues in December 2024 and January 2025. Fake accounts were created, and entries were made into the database using these accounts, overwhelming the system. The attack involved 62 email accounts originating from 14 IP addresses, highlighting the distributed nature of the assault.
In January 2025, a similar attack occurred, with extremely high traffic observed from citizen-side users for encumbrance certificate (EC) searches, which was eight times more than usual. At one point, the portal received 6.2 lakh requests from malicious users in just two hours, using random keywords to perform searches. This surge in traffic crippled the portal, significantly reducing the number of registrations.
To protect against DDoS attacks, organisations implement advanced traffic filtering mechanisms to distinguish between legitimate and malicious traffic. Monitoring tools can help identify unusual traffic patterns and take pre-emptive actions. Enforcing rate limiting can control the number of requests a user can make in a given time frame, preventing the system from being overwhelmed.
Bot detection technologies, such as CAPTCHA challenges and behavioural analysis, can identify and block automated tools or bots. Robust authentication mechanisms and regular security audits can strengthen the security of online services and prevent unauthorised access.
Organisations also work closely with cybersecurity agencies to help investigate attacks and identify perpetrators. They share information and collaborate on mitigation strategies to prevent future attacks by developing and implementing an incident response plan. This will include having a dedicated team to monitor and respond to security incidents.
For the user, knowing about the risks of phishing and other social engineering attacks can help prevent account compromises. Companies can encourage the use of strong passwords and multi-factor authentication to enhance security.
The cyberattack had crippled the Kaveri 2.0 portal and the number of registrations had fallen significantly on February 1 and 4. While the portal was restored on February 5, the DDoS attack should serve as a wake-up call for organisations, particularly governed agencies, to prioritise cybersecurity and implement robust mitigation strategies. As cyber threats continue to evolve, understanding the nature of DDoS attacks and taking proactive measures to protect against them is crucial.
The battle against DDoS attacks is ongoing, but with the right strategies and vigilance, organisations can safeguard their digital assets and maintain the trust of their users.
There are several such attacks, but most recently Elon Musk-owned X platform was targeted in August 2024. Mr. Musk reported that the platform experienced a massive DDoS attack, which caused delays and disruptions. This attack occurred just before his scheduled conversation with U.S. President Donald Trump (who was then the Republican candidate for presidency), highlighting the vulnerability of even high-profile platforms to such cyber threats.
In another occasion, several years earlier in 2015, Microsoft-owned code repository GitHub was targeted by China-based botnet. The attack specifically aimed at two GitHub projects that provided tools to circumvent Chinese state censorship. The attack involved injecting malicious JavaScript code into the browsers of visitors to Baidu, China’s most popular search engine, and other sites using Baidu’s analytics services.
These attacks underscore the importance of robust cybersecurity measures to protect against DDoS threats, which can disrupt services, lead to financial losses, and damage the reputation of online platforms.
Published - February 17, 2025 11:52 am IST
Our team is here to help you with any inquiries or support you may need. Contact us to get answers and learn more about how COINDEEAI can support your business goals.
