The workflow of thousands of New Zealanders on Friday afternoon was disrupted today when their internet connection was cut off due to a cyberattack on a major internet provider.
Internet infrastructure provider Vocus, which operates the Internet connections for Orcon, Slingshot, Flip, and Stuff Fiber, was hit with a DDoS attack that halted its Internet connection for approximately 30 minutes just after 1pm this afternoon.
Reports from affected users came from across the country, but mostly from the North Island, including Auckland, Hamilton, and Wellington.
In a statement on its website, Vocus confirmed that the problem was related to a DDoS attack.
He said mitigation measures had been put in place to reduce the impact, current outages were not reported, and services would continue to be monitored.
A DDoS attack occurs when attackers attempt to disrupt normal traffic to an Internet service, server, or network. The goal is to impede access and prevent people from accessing the services they need. The attacks work by flooding a website with bogus requests, exceeding its capacity. That meant normal, legitimate requests couldn’t be processed.
The technique was the one used in a series of attacks on the NZX last year.
AUT computer science professor Dave Parry called this attack style common, but this hit was on a significant scale.
“The fact is that there are attacks of this type all the time, all over the world and also in New Zealand previously. I don’t know what the data size of this attack is, but the scale will be very large. The real effect of ending with the major ISPs it’s huge. “
Parry said there were filters throughout the international connection system trying to fend off these types of attacks, but it appeared that this type is new to the scene and went unnoticed before being quickly repaired.
“This will be a new one that has not been seen before, so it is not automatically rejected, so it took about an hour to figure out how to protect and block it,” he said.
He said the attack is an intimidation attempt by hackers with dollar signs in their eyes.
“The message would have been to look at what we can do and pay ourselves some money, otherwise we will do it again. It is annoying and disturbing, but probably not particularly dangerous.”
Parry said more attack attempts are likely in the coming days.
“I suspect they will try again and may be successful for a while, but it will probably be a shorter interruption next time. There will be a lot of resources moving into the cybersecurity space right now, both from government and industry.”
Dr Rizwan Asghar from the University of Auckland College of Computer Science said companies should have guidelines on protecting and responding to DDoS attacks, particularly after the cyberattack on Waikato DHB.
He said protection mechanisms could range from simple firewall protection to internal programs.