MetService offline again today after cyber attack

Author
Newstalk ZB / NZ Herald,
Publish Date
Wed, 2 Sep 2020, 9:25AM
Photo / File
Photo / File

MetService offline again today after cyber attack

Author
Newstalk ZB / NZ Herald,
Publish Date
Wed, 2 Sep 2020, 9:25AM

Metservice's website was offline this morning in what could be another cyber attack.

It was initially offline, then replaced by a minimalist backup site (see image below).

The weather forecaster did not immediately respond to a request for comment, but yesterday it said it had been a DDoS (distributed denial of service) attack - albeit one that was repelled.

"As of 5pm, there has been no notable loss of performance to any MetService digital platforms," a Metservice spokesman said late yesterday.

"MetService also operates a back-up site, this site contains all safety critical information, and includes authorised MetService severe weather watches and warnings, MetService rain radar imagery and brief forecast information."

The Metservice team remained "on the highest alert of any threat" and the forecaster's service provider had extra resources to manage the situation should it escalate, he said.

Westpac updates on attack

Although the NZX has drawn headlines after suffering a five-day DDoS assault - which experts saw as an attempt to extort the exchange - a number of other NZ organisations have also been hit recently.

Fonterra told the Herald it successfully repelled a cyber attack last month.

And Westpac confirmed to the Herald this morning that it had also been hit by hackers a fortnight ago.

"As a large organisation, we are regularly targeted by cyber criminals including through DDoS attacks. We have dedicated teams working around the clock to ensure we are always alert to threats and our systems and customers are protected," a spokesman said.

"On Tuesday August 18 we successfully repelled a DDoS attack. A small number of customers may have experienced intermittent issues logging-in for a short period as the attack traffic was managed, but our systems did not go offline. This was resolved quickly.

"We have not been targeted by any DDoS attacks since then."

Media outlets RNZ and Stuff say they suffered DDoS attacks over the weekend, but were able to deflect them.

What is a DDoS attack?

Security company NortonLifeLocks says criminals prepare for a DDoS attack by taking over thousands of computers. These are often referred to as "zombie computers". They form what is known as a "botnet" or network of bots. These are used to flood targeted websites, servers and networks with more data than they can accommodate.

A volume-based or "volumetric" DDoS attack, which was apparently the variant that hit the NZX, sends massive amounts of traffic to overwhelm a network's bandwidth, NortonLifeLock says.

The company says a DDoS attack has to be repelled at the internet service provider level, which often this involves temporarily blocking traffic from certain IP addresses.

But it is also a good idea to keep security software up to date so your PC does not unwittingly become part of a botnet attack.

The NZX did not immediately respond to questions about whether it had received any extortion demand, whether its communications setup involved multiple providers for redundancy, and what steps were being taken to avoid another attack.

Read more on why NZ is being targetted by hackers in 2020 here.

;