Home
 » ISP News » 
Sponsored

UK Broadband Provider AAISP Suffers Strong DDoS Assault

Thursday, November 19th, 2015 (10:39 am) - Score 1,517

Internet provider Andrews and Arnold (AAISP) appears to have become the target for a semi-sporadic Distributed Denial of Service assault (DNS reflection), which began hitting their network yesterday and has caused some of their customers to lose connection.

Generally speaking DDoS attacks work by overloading a target server (e.g. a website or other network service) with masses of data requests from multiple internet connected computers / devices; usually Trojan/Virus infected computers that then become part of a botnet, which can be controlled by a single individual that usually hides their connection behind other servers.

At this point it’s crucial to reflect that DDoS attacks happen to ISPs all the time (we read about them on an almost weekly basis), they’re practically par-for-the-course, but most can be mitigated and few are ever significant enough to knock lots of end-users offline. In nearly all cases these incidents aren’t actually an attack against the ISP, but rather somebody targeting a specific customer on the ISPs network.

As such this should NOT be confused with the recent TalkTalk incident, which also involved a separate hacking attempt and was aimed at the ISPs web server. By comparison the assault against AAISP appears to have targeted part of their network and NOT their website, which is usually what happens when somebody is looking to knock a specific subscriber offline.

The nature of this assault, which seems both powerful and aimed at several areas of their network, meant that AAISP’s “usual anti-DOS systems have not helped“, although they were later able to “mitigated most of the problems.” Unfortunately the assault began again this morning and moved to a new target block, which has kept AAISP’s staff on their toes.

Adrian Kennard, Director of AAISP, told ISPreview.co.uk:

Staff have been working on this to reduce the impact on all customers as much as possible, and are continuing to do so today. There are still a handful customers that are collateral damage from the attack and we are working on getting those customers on line right now.”

Apparently “many” of AAISPs customers have been affected by the DDoS, although only a handful were actually left without Internet connectivity and the provider is now attempting to identify which customers were being targeted by the assault (in practice they may not get to the bottom of this, just as most other ISPs rarely do).

In the meantime some of provider’s customers are having their WAN IP address changed to get them on-line, including a few that own blocks of IPs (this can sometimes be a bit more tricky for the customer). One of those is Basingstoke based fixed wireless broadband ISP HiWiFi, which has been tweeting about the incident since last night.

It’s worth pointing out that the Computer Misuse Act effectively makes DDoS illegal, although finding the perpetrators is rather more difficult, not least because such attacks are usually short-lived (the longer they go on the greater the chance of being traced and caught).

UPDATE 2:56pm

The problem has now been resolve and AAISP have also identified the customer who was targeted, although we’re unlikely get any further details as the police are investigating.

Leave a Comment
1 Response

Comments are closed.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Ultrafast ISPs
  • Gigaclear £17.00 (*40.00)
    Speed: 200Mbps, Unlimited
    Gift: None
  • Community Fibre £20.00
    Speed: 150Mbps, Unlimited
    Gift: None
  • Virgin Media £25.00
    Speed: 108Mbps, Unlimited
    Gift: None
  • Vodafone £25.00
    Speed: 100Mbps, Unlimited
    Gift: None
  • Hyperoptic £25.00
    Speed: 150Mbps, Unlimited
    Gift: None
Large Availability | View All
Cheapest Superfast ISPs
  • Hyperoptic £17.99
    Speed 30Mbps, Unlimited
    Gift: None
  • NOW £21.00
    Speed 36Mbps, Unlimited
    Gift: None
  • Shell Energy £21.99
    Speed 35Mbps, Unlimited
    Gift: None
  • Vodafone £22.00
    Speed 38Mbps, Unlimited
    Gift: None
  • Plusnet £22.99
    Speed 36Mbps, Unlimited
    Gift: £60 Reward Card
Large Availability | View All
The Top 20 Category Tags
  1. FTTP (4004)
  2. BT (3128)
  3. Politics (2085)
  4. Building Digital UK (2007)
  5. Openreach (1948)
  6. FTTC (1915)
  7. Business (1801)
  8. Mobile Broadband (1584)
  9. Statistics (1483)
  10. FTTH (1369)
  11. 4G (1357)
  12. Virgin Media (1263)
  13. Ofcom Regulation (1225)
  14. Fibre Optic (1220)
  15. Wireless Internet (1218)
  16. Vodafone (917)
  17. EE (896)
  18. 5G (870)
  19. TalkTalk (812)
  20. Sky Broadband (781)
Promotion
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact