A number of sites targeted in cyber attacks

The NZX website had problems last week with sustained denial of service (DDOS) attacks that rendered the site unusable at times. RNZ and Stuff were also affected.

Stuff: Govt spy agency has ‘no clues’ on source of cyberattacks on NZX

The Government does not have any clues yet on who might be behind cyberattacks on the NZX, Radio NZ and Stuff, GCSB Minister Andrew Little says.

Little told Radio NZ that other organisations in Southeast Asia and North America had been subject to distributed denial-of-service (DDoS​) attacks that had the same “modus operandi” and the Government was working with its Five Eyes partners to investigate.

It is believed the criminals claimed in ransom notes sent to some victims ahead of attacks that they were associated with a notorious Russian group called Fancy Bear but Little believed that was “a decoy”.

Stuff spokeswoman Candice Robertson said Stuff had been targeted by a DDoS attack on Sunday which it had successfully defended itself against.

“Importantly, the Stuff site remains secure,” she said.

Radio NZ spokeswoman Charlotte McLauchlan said it had also experienced multiple DDoS attacks during the past 24 hours.

“We understand this may have been the same group that has been attacking the NZX and we are currently investigating,” she said.

“Our site remains secure and this has not impacted our audience.”

This week the problems have spread, with Metservice and TSB targeted yesterday and today, and some news sites (Stuff) also saying they have been attacked.

NZ Herald: MetService latest NZ organisation to be hit by targeted cyber attack, TSB experiences tech issues

MetService is the latest organisation to be hit by the same cyber attack that crashed the NZX website for five days.

The weather forecaster was hit by a DDoS (distributed denial of service) attack today, but a spokesman said it was dealt with “in a timely manner”.

TSB bank also responded to an incident causing disruption to some of its services this afternoon.

CEO Donna Cooper said the bank had informed the appropriate authorities and would continue to work closely with them on this.

Cooper declined to comment on whether the incident may have been related to a cyber attack.

But it also seems that blogs are being impacted in some way.

LPrent at The Standard: The background traffic is loud.

Along with the grey weather, the weather around our local net is downright annoying at present. There are a massive increase in attempts to break into this site via backend systems and brute force front-end logins, a surge in scans from the search engine spider bots, and a lot of requests for putting up paid content. All of which have been ignored or dealt with. Good thing that we aren’t a target like the NZX, banks, mainstream media and the MetService are. 

The BFD: Speed Issues affecting The BFD

We are all too aware of the slowness affecting The BFD at the moment and despite a huge amount of effort behind the scenes have yet to resolve this.

This issue is not specific to The BFD and is affecting a large number of sites all over the world.

It’s happened because the latest security update to the WordPress platform the site runs on does not play nicely with all the extra add ons that make the site look and work the way it does.

So both blogs say they are not being subjected to DDOS attacks, but it’s a curious coincidence.

Leave a comment

7 Comments

  1. Alan Wilkinson

     /  2nd September 2020

    People who allow their devices to be compromised into botnets should get them blocked off the internet by their ISPs and ISPs who fail to take action should be themselves blocked.

    Reply
    • Duker

       /  2nd September 2020

      They could be anywhere in the world , its not called the WWW for nothing.
      Any way most home users dont have fixed IP addresses and I once had a hawaiian adress allocated for a day as then telecom had ‘rented’ a block of adresses from there.
      The idea of ISP checking each users activity is like finding a needle in a haystack, and belongs to a now forgotten world of sending cheques and buying stamps ..things that have moved on from.

      Reply
      • Alan Wilkinson

         /  2nd September 2020

        Rubbish. ISPs have a record of ip assignments and just need to be notified of the address and time a botnet element was active and identified.

        Reply
        • Duker

           /  2nd September 2020

          Good luck with Moldova or Egypt helping out on that…my point is there isnt staff to check back on ‘needles in haystack’.
          We found that out in our body corporate, the bank isnt bothered in following an owner in default, wheres as 10 years they would have …no people to do so of course.

          Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s