Cyberattack Targets San Jose Police Department, City Websites

UPDATE: As of Tuesday morning the San Jose Police Department website was back up and running.

A drawn-out cyberattack has kept the San Jose Police Department’s website mostly offline for several days.

“We have been working with the city to resolve this issue,” SJPD spokesman Officer Albert Morales said in an email. “We do not have a timeframe for the problem to be resolved.”

The attack has affected other city websites, too, intermittently kicking them offline since Thursday, according to city spokesman Dave Vossbrink.

“Our IT folks are on it,” he said.

Vossbrink called the breach a distributed denial of service, or DDoS, which tries to interrupt an online service by bombarding it with traffic from thousands of sources. Up to one-third of website outages result from DDoS attacks, according Verisign Inc.

Hackers build networks of infected computers called “botnets” by sending malware via emails and social media. Once hijacked, computers can be controlled remotely and used to launch an attack anywhere in the world by sending massive amounts of random data to use up the bandwidth of the target, according to Digital Attack Map.

“Specialized online marketplaces exist to buy and sell botnets or individual DDoS attacks,” per the website, which tracks cyberattack trends around the world. “Using these underground markets, anyone can pay a nominal fee to silence websites they disagree with or disrupt an organization’s online operations. A week-long DDoS attack, capable of taking a small organization offline can cost as little as $150.”

Though the interruptions to San Jose’s municipal websites are inconvenient to the public and staff—the police department allows people to report crimes online—no systems appear to have been breached and no data lost, according to the city’s IT team.

Vossbrink said he’s unsure how this episode compares to past cyberattacks.

“In general, companies and government agencies at all levels across the county have been seeing this sort of thing more often in recent years,” he told San Jose Inside. “Unfortunately, it’s a sign of the times as trolls of all persuasions attempt to vandalize essential systems that the modern world now depends on.”

The city’s IT department plans to continually bolster its defense against DDoS attacks in the future, he said.

Jennifer Wadsworth is a staff writer for San Jose Inside and Metro Newspaper. Email tips to [email protected] or follow her on Twitter at @jennwadsworth.

3 Comments

  1. Time to declare war on these guy’s, where is our leaderless NSA when we need them?
    Watching Us!

  2. Well maybe the City and Police Department shouldn’t hack peoples ISP without a valid warrant or hack a persons email without a FISA warrant or their Web Hosting Email without a warrant or use cell phone tracking without a valid warrant or their home phone through their ISP for someone who has not committed a crime, is committing a crime or planning to commit a crime or sending foul emails to Law Enforcement Agencies spoofing people’s emails. Experts can be hired to return in kind that kind of behavior. Maybe you got some pay back. You do have a lot of enemies. That’s what I think.I don’t know who did it but you deserved it.