Home
 » ISP News » 
Sponsored

Zzoomm Apologises for Disruption in Oxfordshire UK After DDoS

Friday, June 25th, 2021 (8:23 am) - Score 1,824
zzoomm yellow van

Alternative broadband ISP Zzoomm, which is deploying a 10Gbps Fibre-to-the-Premises (FTTP) broadband network to 1 million UK homes by the end of 2025, has apologised to their customers in the Oxfordshire town of Henley-on-Thames after a Distributed Denial of Service (DDoS) assault disrupted their connectivity.

DDoS attacks typically work by overloading a target server or end-user with masses of data requests from multiple internet connected devices (often malware hijacked computers / botnets etc.), which can cause the intended target to crash or suffer significant performance problems until the bad traffic stops. Such attacks may also expose other weaknesses that hackers can exploit (or even blackmail), such as happened to TalkTalk in 2015 (here).

In this case, it wasn’t Zzoomm that was attacked, but rather one of their upstream suppliers in the area. “These were instigated by a malicious party who has attempted to extort payment from another of their customers. They effectively flooded the upstream network with traffic overloading their systems,” said the ISP. As a result, Zzoomm’s local customers have also faced related “service interruptions” over the last week.

All of us here at Zzoomm would like to apologise for the service interruptions experienced in Henley-on-Thames over the last week. We have not delivered the level of reliability that you have every right to expect from the Zzoomm service,” said the provider in a reassuringly candid response.

At this point it’s crucial to reflect that DDoS attacks happen to UK ISPs all the time, they’re practically par-for-the-course in this business, but most can be mitigated and few are ever significant enough to disrupt connectivity for lots of end-users. In nearly all cases, these incidents aren’t actually an attack against the ISP, but rather somebody targeting a specific customer or upstream network provider for the ISP.

Most ISPs thus prefer not to speak about such things in public, often putting related incidents down to ambiguous network connectivity faults instead.

Zzoomm Statement

“Working with our upstream provider we have looked at how together we can (1) limit the impact of these attacks and (2) respond faster to the attacks. Specifically, our upstream provider has put in place a DDOS filtering service which should make the type of attack that they, and we, have experienced over the last week ineffective.

In addition, we are putting in place more capacity in the core network, which will make it more difficult to be overwhelmed by DDOS attacks. Finally, we are improving our management tools to allow us to respond faster to reconfigure the core network to sidestep different attack vectors. Making these changes has taken time as services and equipment need to be ordered, delivered, provisioned, tested and made live.”

However, merely resolving the underlying exposure to such assaults was not enough for Zzoomm. On top of the aforementioned changes, they’ve also given “every” customer a free period of service and will even upgrade them – from the beginning of July 2021 – to a fully symmetrical speed for the next couple of months (existing customers who pay for this boost will get it for free over the same period).

Zzoomm has also said that they intend to launch a Service Status page, which customers will be able to check in order to identify whether there are any ongoing problems in particular areas (all ISPs should really have these by default, but some providers still don’t). Finally, Zzoomm said they would “continue to work with all our partners to put in place improved defences and heightened checks to limit the impact of any attacks in the future.”

We have to credit Zzoomm here for being transparent with their experience and doing a great job of supporting their customers, not least with lots of service freebies.

Share with Twitter
Share with Linkedin
Share with Facebook
Share with Reddit
Share with Pinterest
Tags: , ,
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, , Facebook and Linkedin.
Leave a Comment
6 Responses
  1. James says:

    A bit of digging suggests the third party supplier who is affected is Amatis: https://status.amatisnetworks.com/

    1. John says:

      I think they simply share the same carrier and Amatis don’t necessarily carry Zzoomm’s traffic.

      From your link:
      “Identified – We have been liaising with our upstream carriers and they have applied some filters and blackhole routing to mitigate the attack. We are gradually seeing traffic levels drop and some services restore.
      Jun 20, 18:45 BST”

  2. Mark Stokes says:

    A single upstream network and no peering at LINX Manchester or LINX London doesn’t inspire confidence in their service… I’m sure within a few weeks they change that setup.

    1. MikeP says:

      A small ISP won’t have the time or other resources to get full peering setup in their early days. Better things to do than installing kit in the LINX 🙂 Taking a fully peered redundant link via an upstream is the Right Thing To Do to get started.

      This case does, however, beg the question of what DDOS protection the upstream had or could implement in a short timescale.

    2. Olly says:

      Amatis are likely using DDoS-protected from transit from NTT, a T1. NTT use mostly Arbor and rate limiting to mitigate.

      Zzoomm have certainly picked an interesting upstream. I can’t find any info to support Amatis owning a physical national or even metro fibre network. I imagine Amatis had a 10G+ lit link somewhere close to Zzoomm’s first rollout area and they’ve simply stuck with them for future rollouts. Who knows!

    3. Pedant says:

      Seems somewhat pointless to have their own ASN if they can’t be bothered to multi-home, or didnt think it was necessary until their upstream gets knocked offline..

      https://bgp.he.net/AS35433#_graph4

Leave a Reply to Mark Stokes Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Superfast ISPs
  • Vodafone £19.50 (*22.50)
    Speed 38Mbps, Unlimited
    Gift: None
  • NOW £20.00 (*32.00)
    Speed 36Mbps, Unlimited
    Gift: None
  • Hyperoptic £20.00 (*25.00)
    Speed 50Mbps, Unlimited
    Gift: Promo Code: BIRTHDAY10
  • Shell Energy £21.99 (*30.99)
    Speed 35Mbps, Unlimited
    Gift: None
  • Plusnet £22.00 (*38.20)
    Speed 36Mbps, Unlimited
    Gift: £60 Reward Card
Large Availability | View All
Cheapest Ultrafast ISPs
  • Gigaclear £24.00 (*49.00)
    Speed: 300Mbps, Unlimited
    Gift: None
  • Vodafone £24.00 (*27.00)
    Speed: 100Mbps, Unlimited
    Gift: None
  • Community Fibre £25.00 (*27.50)
    Speed: 200Mbps, Unlimited
    Gift: None
  • Hyperoptic £25.00 (*35.00)
    Speed: 150Mbps, Unlimited
    Gift: Promo Code: BIRTHDAY10
  • Virgin Media £28.00 (*52.00)
    Speed: 108Mbps, Unlimited
    Gift: None
Large Availability | View All
The Top 20 Category Tags
  1. FTTP (3553)
  2. BT (3021)
  3. Politics (1936)
  4. Building Digital UK (1924)
  5. FTTC (1887)
  6. Openreach (1834)
  7. Business (1690)
  8. Mobile Broadband (1478)
  9. Statistics (1408)
  10. FTTH (1365)
  11. 4G (1276)
  12. Fibre Optic (1172)
  13. Virgin Media (1167)
  14. Wireless Internet (1159)
  15. Ofcom Regulation (1147)
  16. Vodafone (845)
  17. EE (834)
  18. 5G (770)
  19. TalkTalk (769)
  20. Sky Broadband (747)
Promotion
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact