You may have noticed some interruption with your website availability lately. These outages have been caused by DDoS attacks. Simply put, a DDoS attack simulates millions of computers trying to access a website at the same time. This puts tremendous stress on the online infrastructure and can make accessing a website difficult, or impossible. A more detailed explanation can be found here.
DDoS attacks are difficult to resolve and are a rapidly expanding class of security attack. They don't result from a site being ‘hacked’ and don't lead to any leak or loss of confidential information. They simply make it impossible to access the site. They can be created by attackers with limited technical skill but there are few options for countering them.
Working with our upstream providers, we have been able to stop these attacks. We apologise for the inconvenience and thank you for your patience.
We believe these attacks are targeted at one of our customers. If you have experienced any kind of extortion attempt or communication threatening an attack like this please let us know. Any feedback regarding recent threats will be treated in the strictest confidence.
This attack we recently experienced is also larger than average. We thought therefore, we would follow up with some research our team have been working on.
How do they work?
Denial-of-service (DDoS) attacks usually involve criminals harnessing vast networks of computers that have been infected with malware and using them to bombard a victim's website with requests for page loads, resulting in the targeted website seizing up under the weight of the incoming traffic.
How common are DDoS assaults?
Distributed denial of service (DDoS) attacks continue to grow in frequency, sophistication and bandwidth.
According to a report released by NexusGuard, DDoS attacks have increased by 29% since Q2 2017, with the average attack size increased by 543% to 26.37 Gbps. Learn more
Why do DDos attacks occur?
Extortion is a common motive. The National Cyber Security Centre, a division of the Government Communications Security Bureau (GCSB), said that “several" organisations had been sent emails telling them that if they didn't pay up they would experience a "sustained denial-of-service attack" that would knock them offline. The centre said that the blackmailers had followed up their threats with attacks that lasted up to an hour, to demonstrate their threat was credible.
Who is the target?
Because of privacy and the sensitive nature of security/extortion cases, not many site specific details end up in the media. Despite this, it has become a regular occurrence in recent years to read stories of businesses both overseas and in New Zealand being victims of sophisticated cyber attacks.
- NZ pummelled by DDoS attacks during Memcached attack outbreaks
- Cyber attacks aimed at school websites surge
Is my website security compromised?
A DDoS does not result from a site being ‘hacked’ and does not lead to any leak or loss of confidential information. They simply make it impossible to access the site.
How long does a DDos attack last?
The longest attack in Q2 2018 lasted 258 hours (almost 11 days), slightly short of the previous quarter’s record of 297 hours (12.4 days). The share of attacks from 10 to 50 hours almost doubled (from 8.28% to 16.27%); meanwhile, the share of attacks lasting from five to nine hours increased nearly by half (from 10.73% to 14.01%). The share of short-duration attacks (up to four hours) fell sharply from 80.73% in January to 69.49% in March. Learn More
What is Zeald doing?
In a nutshell, DDoS attacks are so hard to defend against because the attackers know where the victim is, but the victim doesn’t know where the attackers are. In addition, it’s extremely difficult to tell which packets come from the bad guys and which are legitimate users.
Both Zeald and our server hosting provider are affected by these attacks, so resolution and future prevention are of the highest priority for all. Unfortunately, we can’t disclose specifics; if we made these steps public, the attackers themselves would be aware, making our defence redundant.
If your website is still experiencing interruptions
Please get in touch with our support team who will work towards getting you back up and running.
Our Support Specialists are readily available and there will be no after-hours charges relating to DDoS issues.
Phone: 0508 932 748 ext 1. (for after-hours call, dial 0508 932 748 ext 9)
We appreciate your patience during this time and apologise again for any inconvenience caused.