NZ net users fall victim to China-US cyber war

By PETER GRIFFIN

A major New Zealand internet service provider has suffered a sustained attack which cut e-mails and blocked access to web pages as part of the global cyber war between Chinese and United States hackers.

Asia Online, which has up to 25,000 mainly businesses customers in New Zealand, confirmed that it had been under attack since Sunday and its help desk said the raid originated in China, where hackers have been waging a tit-for-tat computer war with US counterparts.

"The attacks are crippling our services and the whole network is practically at the point of standstill," Asia Online's Sydney-based customer help desk told the Herald.

"We have been told it's not just Asia Online, it's other ISPs as well."

The technique is known as a denial-of-service attack, in which hackers send vast amounts of spurious data to an internet server in a bid to cripple a website or internet service.

New Zealand's biggest such attack came last February, when hackers tried to shut down the popular ISP Ihug.

The latest denial-of-service attack comes as an increasing number of New Zealand websites are defaced by hackers. Freenet fell victim when its mail server web page was replaced with anti-US slogans.

The international hacker monitoring site attrition.org yesterday reported that two other New Zealand sites, belonging to Creative Training, a computer training company, and the Public Service Association, were also defaced.

Chris Jennings, IT systems manager at the Ministry of Health, a customer of Asia Online, said he had been told directly by an Asia Online account manager that the service problems were "related to the hacking wars between China and the US."

The same message was received by freelance journalist Vicki Jayne, who approached Asia Online after continued problems with internet browsing and e-mail.

Advertising agency Colenso, another customer of Asia Online, has been experiencing disruption to internet services since last Thursday.

IT manager Tony Gurnick said the company had switched to backup services from another ISP.

But while Asia Online's help desk has been saying the attack originated in China, its general manager, Kevin Francis, said the company had been unable to trace the attacks back to their source and was at a loss to explain why the site had been attacked.

Asia Online instead pointed the finger at customer Wilson & Horton, which publishes the Herald, saying it appeared that was the route by which hackers had struck.

Wilson & Horton's chief information officer, Garry McKenzie, rejected the claim.

"Our network statistics and monitoring don't show that we've been delivering anything but normal amounts of data to Asia Online."

Brett Moore, a security adviser at internet security firm Software Creations, said it was common practice for hackers to masquerade as customers of ISPs to carry out denial-of-service attacks.

He had recently carried out a "friendly hack" on 100 New Zealand sites to inform them of their security gaps.

Most had holes allowing him to access directories of website files.

During a scan of local websites yesterday, Mr Moore said he detected several files originating from China.

"They're about ready to deface a whole lot of New Zealand sites.

"The setup is there already."