New Zealand organisations are continuing to deal with a barrage of large scale online cyber attacks that began over a week ago. Users of services from Kiwibank, ANZ, NZ Post and the Metservice have been impacted by these Distributed Denial of Service attacks which have at times blocked successful use of their websites and mobile apps.
What is a Denial of Service (or DDoS) attack?
“You can think of Denial of Service (or DDoS) attacks a little bit like what happens when too much traffic means roads are blocked for a period of time. However in a DDoS attack instead of roads it’s parts of the internet that gets blocked – and these attacks are typically carried out maliciously for financial gain.” says Paul Spain of Gorilla Cyber Security.
Spain breaks it down further “In a denial of service cyber-attack – it’s similar to a planned roading blockage caused by a protest, but online, with effectively too many computers trying to reach a particular website (such as your bank) all at once. A cyber attacker can achieve this by controlling a very large number of computers and commanding those computers to flood a particular website and therefore make it inaccessible.”
What can be done?
Organisations can reduce the impact of a Distributed Denial of Service (or DDoS) attack by preparing upfront and using a provider specifically geared up to protect against such attacks – such companies include AWS, Akamai, Cloudflare and Fastly. This is especially important for businesses who have a customer portal or who carry out online transactions (ecommerce) through an online store.
“It's also possible for attacks to happen not just on websites, but on other key infrastructure - such as an online phone system, virtual private network link or office internet connection. Advance planning is always best, however infrastructure changes can be made on the fly when an organisation is under attack by cyber criminals.” indicates Spain.
Watch the video.