DDoS attack takes out Melbourne IT DNS servers

Services interrupted for more than an hour

Domain name registrar, Melbourne IT, and its subsidiaries, Netregistry and TPP Wholesale, fell victim to a “large” distributed denial of service (DDoS) attack on 13 April, which took down their domain name system (DNS) servers for over an hour.

“Today we experienced a large DDoS attack on our DNS servers that disrupted our web hosting (Cloud and cPanel), email platforms, and access to the Console (our customer administration portal),” the company told customers almost six hours after its systems began experiencing trouble.

According to the publicly-listed Melbourne IT and its subsidiary, the incident started at around 10 AM on 13 April, with the companies telling customers that a variety of services had been interrupted, including the console, cPanel, cloud hosting and mail platforms.

“All available resources are working on bringing services back to normal,” the companies said at the time.

“We have all engineers currently investigating the issue as a priority and are working towards a resolution. Our Engineers are unable to provide an ETA at this time,” they said.

By 12:30PM, the companies told customers that the issues had been resolved, and that it was continuing to monitor the situation.

“In response, we implemented our DDoS mitigation services as standard operating procedure and implemented international traffic management measures. This returned normal service by 11:30AM,” the companies said.

The DDoS attack on Melbourne IT and Netregistry comes at the tail end of a boom year for such attacks globally and in the local market.

The magnitude of such attacks rose consistently throughout 2016, a report from communications and analysis firm, Neustar revealed in December last year.

The company said that the frequency of DDoS attacks it mitigated in 2016 increased by 40 per cent compared to the same period of time in 2015.

Similarly, network service provider, Akamai, witnessed an increase in DDoS attacks every quarter of 2016, and between Q3 2015 and Q3 2016, the provider saw a 71 per cent increase in strikes.

In August last year, a series of DDoS attacks originating from overseas hit the the 2016 eCensus portal, effectively resulting in its shutdown, with the incident subsequently seeing eCensus project contract lead, IBM, come under intense scrutiny over the failure of its DDoS mitigation strategy.