Regional publisher, Newsquest, has been hit by a DDoS (Denial of Service) cyber-attack, which brought down several of its websites causing them to malfunction. Barrier Networks and Closed Door Security respond.
According to a report on publishing news site, Hold the Front Page, the attack, which was described in internal documents as a “major business continuity event,” began on Monday 11th December and continued throughout Tuesday and into Wednesday. It was subsequently reported to the National Cyber Security Centre and messages posted on Newsquest websites apologising to readers for the disruption.
Ryan McConechy, CTO of Barrier Networks comments: “Newsquest is a major UK media house, so this attack would have caused disruptions for people accessing the news this week.”
According to updates, it sounds like the attack has largely been contained, but Newsquest must now work to investigate the incident to establish if the attackers managed to gain access to customer or employee data, or if the DDoS attack was just a smokescreen hiding something more severe, the Barrier Networks CTO says.
“DDoS attacks are a major threat to businesses today, particularly from attackers that want to make political statements or harm an organisation. They knock a website offline by flooding it with traffic, which makes it inaccessible and inoperable.
“The best way to detect DDoS attacks is through the use of technology which monitors web traffic and identifies unexpected peaks. When high volumes of traffic are detected, this can be investigated, and blocked if necessary, stopping the DDoS attack in its tracks.”
William Wright, CEO of Closed Door Security comments: “It sounds like reporters have been unable to digitally file their stories, which echoes the attack on the Guardian newspaper that happened just before Christmas last year. Hopefully Newsquest will be able to recover quickly and won’t suffer the downtime the Guardian experienced.
“DDoS attacks often don’t get as much publicity as ransomware today, but that doesn’t make them any less severe.
“In some cases, they are used to hide a data breach, while some attacks are carried out purely with the motivation of putting an organisation out of operation.”
Wright adds: “The attack highlights the importance of IoT security because IoT devices are often recruited into botnets to execute DDoS attacks. Organisations must embed IoT devices into their corporate security programs and assess and test them continuously for vulnerabilities. This is the best way to ensure their assets don’t get recruited into a botnet, and they are then unwittingly part of a DDoS attack against another organisation.”
For more Barrier Networks news, click here
