[BreachExchange] Mt Ruapehu latest to be struck by cyber attacks; fights back

Destry Winant destry at riskbasedsecurity.com
Thu Sep 3 10:32:27 EDT 2020 

https://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=12361622

Mt Ruapehu has been the latest Kiwi company to be struck by cyber
criminals, with its website being crippled this morning.

However, the company states the attack was only short-lived and it was
able to get its systems up and running "within a few minutes".

The attack comes just a few hours after the MetService's website went
offline, about 7.30am, after a second day of cyber attacks.

The forecaster ominously said it was expecting more. It had since set
up a temporary, basic page with weather for the districts.

The hits come after many other Kiwi businesses had been targeted, most
notably the NZX which was hit for five days, Westpac, TSB, Stuff and
RNZ.

Fonterra told the Herald it successfully repelled a cyber attack last month.

A post on Mt Ruapehu's Facebook page today stated it was hit at 10am
as they were about to release carparks, its "bookable parking system
was deliberately crashed by an external cyber-attack (DDoS)".

Mt Ruapehu's website was briefly struck in a cyber attack at 10am
today. Photo / File

"The good news is this attack ultimately failed as our parking system
was back online within a few minutes, however we can see that this did
cause some disruption to your booking journey. The cyber security team
is following this up with the ISP (Internet Service Provider) of the
attacker."

The company apologised for the attack and its next car park release -
set for 6pm - would go ahead as planned.

Security company NortonLifeLocks said criminals prepare for a DDoS
attack by taking over thousands of computers.

These were often referred to as "zombie computers". They form what is
known as a "botnet" or network of bots. These are used to flood
targeted websites, servers and networks with more data than they can
accommodate.

A volume-based or "volumetric" DDoS attack, which was apparently the
variant that hit the NZX, sends massive amounts of traffic to
overwhelm a network's bandwidth, NortonLifeLock says.

The company says a DDoS attack has to be repelled at the internet
service provider level, which often involves temporarily blocking
traffic from certain IP addresses.

More information about the BreachExchange mailing list