Internet Archive is still not fully recovered: Here's how the attack unfolded

The incident came in the form of a Distributed Denial-of-service (DDoS) attack - which involves flooding a site with traffic to overwhelm a server, making it impossible to access. Research from Netscout revealed significant deviation of network traffic to archive.org, which supports the claims of a DDoS attack. Reports suggest there was at least 3 hours and 20 minutes of DDoS activity, and at least three distinct IP addresses used by archive.org received DDoS traffic.

Cautiously back online

In this specific case, the attack used two attack vectors: TCP reset floods and HTTPS application layer attacks. The TCP flood will flood a victim with huge numbers of Transmission Control Protocol (TCP) reset packets, which tricks a computer into terminating its connection with others in its network.

In contrast, the HTTPS application layer attack will typically aim to overwhelm servers by targeting the application layer in order to disrupt the normal flow of traffic, rendering normal services unavailable.

By crawling the web, the archive and its 150 staff work to preserve internet pages and provide free access to thousands of books, videos, and audio files. The motive for the attack isn’t clear, but the hack is said to have exposed the data of up to 31 million users.

The compromised data, which is said to include email addresses, screen names, and Bcrypt passwords, could leave users exposed and at risk of threat actors using their information for nefarious purposes.

More from TechRadar Pro

• Check out our pick of the best identity theft protection around
• Someone needs to save the Internet Archives from the lawyers and I have an idea
• We've also rounded up the best malware removal software