Cyber Citadel
The Ominous Message That Precedes a DDoS Attack

How armies of infected zombie computers are attacking New Zealand institutions and what telcos can do to stop them.

Just when you thought 2020 couldn't get any stranger, we've now got armies of infected zombie computers attacking institutions including the New Zealand stock exchange and the national weather bureau.

The NZX, MetService, Mt Ruapehu skifield, Westpac, Stuff, RNZ and TSB were all targeted in a wave of Distributed Denial of Service attacks. The GCSB and NCSC confirmed they were aware of an ongoing DDoS campaign affecting multiple New Zealand organisations. The criminals behind the attacks send an email warning to their target, then launch a devastating DDoS assault if the ransom is not paid in Bitcoin. The Five Eyes intelligence alliance was investigating the campaign.

The Dark Web Market

Cyber Citadel CEO Jonathan Sharrock explained that the tools required to launch DDoS attacks are readily available on the dark web, costing as little as US$10 to US$60. However, accessing the dark web and purchasing these tools is not straightforward for the average person. It requires connections and knowledge of the underground community.

"You or I would get spotted straight away. You need to know the lingo," Sharrock said of the dark web marketplace.

Telco Defence

There is very little an individual victim can do alone to defend against a large-scale DDoS attack. Telecommunications providers serve as the first line of defence. Sharrock argued that the tsunami of malicious traffic should be stopped at the border by the telco provider before it ever reaches the target's infrastructure.

However, current service agreements between telcos and their customers may be inadequate to address the scale of modern DDoS campaigns. Telecommunications companies need to bulk up their bandwidth and invest in more robust traffic filtering and scrubbing capabilities to protect their customers from these increasingly common attacks.

Published in Stuff — 4 September 2020.
