Keeping you updated on the DDoS attack

On 25 May we received an email threatening a distributed denial of service (DDoS) attack on our services, unless we paid a ransom.

We didn't pay and, later that morning, the attack started. This has hit our Sydney-hosted customers hardest, along with those routing traffic internationally.

Our team have been working around the clock on this, and it's our number one priority. We know how disruptive this has been, and we're sorry for the impact that these attacks have had.

Here's a quick update to let you know what’s been going on behind the scenes.

The demand

There wasn't much time between us receiving the demand and the attack beginning. The attacker tried pressuring us into making a rushed decision, but we didn't.

Even if we did send money to the blackmailers, there’s a strong chance that they would go ahead and cause mayhem anyway. If we succumb to the demands of anonymous criminals the first time, why wouldn’t they try again? We could have ended up becoming an even bigger target than before.

New Zealand's Government very clearly “strongly discourages” ransom payments. On top of that, depending where the attack is coming from, paying a ransom could be breaching international sanctions. Paying ransoms in that case would literally be a criminal act. (If you open that link you’ll see that the Government advises ransom targets like us to report what’s happening. I can confirm that we’ve been in touch with the right authorities.)

On top of all that, we can all agree that these criminals don’t deserve anyone’s money.

What is a DDoS attack?

If you’re lucky, you’ll have never had to think about a DDoS attack before. DDoS attacks basically involve directing a huge volume of computers or devices at an online service, with the goal of flooding and overwhelming the network.

When the massive rush of traffic is too much for a server or network to handle, regular users lose the ability to reach the website and begin experiencing a denial-of-service (hence the name).

Who it’s impacting

Overseas traffic has been experiencing the brunt of the disruption. That includes websites routing traffic through services like Cloudflare. New Zealand traffic has mostly been stable since the first couple of hours of the attack.

Affected customers will unfortunately have experienced intermittent interruptions. Some websites have been rendered unreachable from many locations, while others suffered degraded performance.

We’ve been providing updates

While our team has been working around the clock to keep this DDoS attack at bay, we’ve also been posting Announcements. We know that you want as much information as possible, and when incidents like this one happen that page is the place to go for the latest details.

It's a collective effort

We’ve been working with our upstream providers to optimise DDoS mitigation measures, and they have taken this attack as seriously as we have. Our thanks to our networking providers and others, here and overseas, who have made this a top priority and been in close communication with us throughout.

How you can help

It’s useful for us to know what isn’t working for you, along with some other details. You can help our team by emailing [email protected].

• If there’s a MyHost website or service that you can’t reach, let us know what's not working for you, and your IP address (which you can get from whatsmyip.com).
• If your website is down, let us know your IP address and the website domain.
• If you encounter network issues to our servers, please provide us with your IP address and traceroute, if possible, to and from the server to your local network and forward it to [email protected].

We have received a number of supportive and understanding messages from MyHost customers. Your support means a lot to us when things are stressful. Thank you all for recognising our team’s hard work and putting a bit of extra wind in our sails.

And to close, thank you for your patience during this incident.