The Central Intelligence Agency has come under attack by a modified botnet on the SSL port (secure sockets layer). The same botnet has also launched attacks against PayPal and several hundred other websites.
The botnet sends a flood of legitimate-looking information requests over the SSL port, which forces them to consume more resources, according to Shadowserver Foundation, a security research collective.
The attacks began approximately a week ago and appear to come from a modified version of the Pushdo botnet, according to The Register.
Researchers have found more than 300 websites that have been subjected to the attack and include American Express and SANS Institute websites. However, the bots do not appear to be requesting any data, making the attacks dissimilar to DDoS attacks.
