![\"\"](\"http:\/\/kinetics.co.nz\/wp-content\/uploads\/2020\/11\/DDOS.jpg\")
<\/a><\/p>\nDDoS are surprisingly easy to undertake.\u00a0 The type of software used, called a Command and Control system, is easily available online from reputable suppliers.\u00a0 First you look for devices with known security issues.\u00a0 That could be any internet connected device. These can be security camera\u2019s, baby monitors, refrigerators, smart TV\u2019s or even computers.\u00a0 If you don\u2019t have the time or skill to search these out, you can purchase a \u00a0list of devices and passwords.\u00a0 You load the list in to your Command and Control software, then instruct all the devices to target (connect to) your victim.<\/p>\n
The result is a flood of connections, from all around the world.\u00a0 This will overwhelm the victim’s internet connection and effectively block legitimate traffic.\u00a0 A parallel is a contact call centre\u00a0 – when all the lines are busy, new callers are unable to connect.<\/p>\n
With the incoming connections being sourced from all around the world, and with massive volumes of traffic, this is extremely difficult to deal with.\u00a0 For example, the NZX attack is thought to have averaged around 40-60Gbps and to have peaked at 200Gbps.\u00a0 \u00a0This is hundreds of times more than the traffic levels that most business would normally consume under load.<\/p>\n
That raises the question.\u00a0 How do you deal with this sort of threat?<\/h2>\n
The answer is that you can\u2019t.\u00a0 Certainly you can’t do this directly. You need your ISP to be able to help you.<\/p>\n
Here at Kinetics, we use Vorco<\/a> as our ISP. \u00a0When we asked them how they would help us, the answer was pleasingly honest.\u00a0 At the time of the NZX attack, protection would have been to block access to us from all international addresses.\u00a0 It would have been a quick fix, but not a good one, as we \u00a0live in a virtual world without borders.<\/p>\n Since then they have confirmed that they are adding an extra layer of security by deploying specific advanced technology at all the international connection points to their network.\u00a0 \u00a0They will have the capacity to absorb attacks significantly higher than the NZX peak volume.\u00a0 Such a change is not inexpensive, but they are doing it as part of their standard service for all their clients.<\/p>\n If you are concerned that you maybe a DDoS target,\u00a0 your best protection is to ask your ISP how they will help you.\u00a0 We’re happy to have that conversation on your behalf.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":" Denial of Service (aka what went wrong at the NZX?) In September the NZ Stock Exchange was the victim of an attempted extortion via a DDOS attack.\u00a0 The attack took them offline serval times over a number of days.\u00a0 Many business are now asking, what is DDOS and could we fall victim to it? DDoS […]<\/p>\n","protected":false},"author":5,"featured_media":5153,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"[header2 text=\"Denial of Service\u00a0(aka what went wrong at the NZX?)\" align=\"left\" color=\"#336A40\" margintop=\"\"]\n\nIn September the NZ Stock Exchange was the victim of an attempted extortion via a DDOS attack.\u00a0 The attack took them offline serval times over a number of days.\u00a0 Many business are now asking, what is DDOS and could we fall victim to it? [header2 text=\"That raises the question.\u00a0 How do you deal with this sort of threat?\" align=\"left\" color=\"#336A40\" margintop=\"\"]<\/p>\nThe answer is that you can\u2019t.\u00a0 Certainly you can't do this directly. You need your ISP to be able to help you.\n\nHere at Kinetics, we use Vorco<\/a> as our ISP. \u00a0When we asked them how they would help us, the answer was pleasingly honest.\u00a0 At the time of the NZX attack, protection would have been to block access to us from all international addresses.\u00a0 It would have been a quick fix, but not a good one, as we \u00a0live in a virtual world without borders.\n\nSince then they have confirmed that they are adding an extra layer of security by deploying specific advanced technology at all the international connection points to their network.\u00a0 \u00a0They will have the capacity to absorb attacks significantly higher than the NZX peak volume.\u00a0 Such a change is not inexpensive, but they are doing it as part of their standard service for all their clients.\n\nIf you are concerned that you maybe a DDoS target,\u00a0 your best protection is to ask your ISP how they will help you.\u00a0 We're happy to have that conversation on your behalf.","_et_gb_content_width":"","footnotes":""},"categories":[4,5],"tags":[],"class_list":["post-5150","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-security"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/5150","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5150"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/5150\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}<\/a>\n\nDDoS are surprisingly easy to undertake.\u00a0 The type of software used, called a Command and Control system, is easily available online from reputable suppliers.\u00a0 First you look for devices with known security issues.\u00a0 That could be any internet connected device. These can be security camera\u2019s, baby monitors, refrigerators, smart TV\u2019s or even computers.\u00a0 If you don\u2019t have the time or skill to search these out, you can purchase a \u00a0list of devices and passwords.\u00a0 You load the list in to your Command and Control software, then instruct all the devices to target (connect to) your victim.\n\nThe result is a flood of connections, from all around the world.\u00a0 This will overwhelm the victim's internet connection and effectively block legitimate traffic.\u00a0 A parallel is a contact call centre\u00a0 - when all the lines are busy, new callers are unable to connect.\n\nWith the incoming connections being sourced from all around the world, and with massive volumes of traffic, this is extremely difficult to deal with.\u00a0 For example, the NZX attack is thought to have averaged around 40-60Gbps and to have peaked at 200Gbps.\u00a0 \u00a0This is hundreds of times more than the traffic levels that most business would normally consume under load.\n