Internet shutdown in New Zealand after a historical DDOS attack over major ISP

One of the most important Internet service providers in New Zealand suffered a massive denial of service (DoS) attack that left a considerable number of regions in the country offline. Vocus, the affected company, confirmed that the attack originated in one of its customers.

The company disclosed that a DoS mitigation rule was implemented on its Arbor platform (provided by tech firm Netscout) to contain the scope of the attack, in addition to starting with its own investigation: “The change described above disrupted service to a variety of Vocus customers. We are working to understand why this happened; the interruptions would have taken up to 30 minutes,” the company says.

At the time of writing, all services seemed going back to normal.

Additional details are still unknown, but it is mentioned that this incident would have caused significant disruption across the country, which becomes a critical scenario in the context of COVID-19 restrictions, which have hundreds of thousands of people relying extensively on computer systems.

This morning the international news agency Reuters published a report suggesting that the mitigation measures implemented by the company could have had a domino effect, making the attack much larger than it was originally and reaching large cities such as Auckland, Wellington and Christchurch.

This incident was reported just a couple of days after the operations of a Voice over Internet Protocol (VoIP) provider were compromised by a DoS attack of similar scope, allegedly deployed by Russian hackers in search of a millionaire ransom.

Another eye-catching incident was reported in the south of England and in some locations in Wales, where Sky Broadband appears to have failed massively since Wednesday afternoon and throughout Thursday. A Sky spokesman said the company was aware of the problems, so service would be restored to normal on Friday.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.