Spark internet back to normal

03:15, Sep 07 2014

Things are back to normal for Spark customers following a crippling internet attack possibly centred on illicit pictures of Hollywood stars but another attack is not out of the question.

Cyber criminals crippled New Zealand's internet, apparently with false promises of illicit pictures of Hollywood stars such as Hunger Games actor Jennifer Lawrence this weekend.

Several dozen computer users may have clicked emails, links on Facebook and Twitter hashtags on the promise of views of naked stars and without knowing it, turned their computer into a device to attack the rest of the world.

The attack was launched on Friday night from somewhere outside New Zealand and quickly impacted internet services, slowing them down and sometimes cutting them off completely. 

Spark spokesman Conor Roberts said the company's online traffic was back to normal this morning.

The issue had "stabilised" but Spark was not ruling out the possibility the network could be hit again, Roberts said.


"It could start up again today, tomorrow or in 10 months' time."

Roberts said he hoped the attack would not have a long-term impact on the company but customers that were impacted were understandably frustrated.

"It just shows that New Zealand is part of a global internet."

While these sorts of attacks were annoying they were not unusual around the world, he said.

Spark customer teams had worked throughout the night to fix the problem and had put in place new processes for handling these types of attacks, Roberts said.

Once the company had dealt with this attack it would be looking into what resources and processes were needed to best deal with attacks like this, he said, adding that the online world was a "pretty dynamic environment" and cyber crime tactics were constantly changing.

Roberts said the company was still unsure of who was behind the attack.

But IT specialists around the world know exactly what is going on: the internet is crashing because a lot of people want to see Jennifer Lawrence naked.

Computer security company Symantec and security experts TrendMicro issued alerts on Friday - just as New Zealand came under attack.

TrendMicro said with the big iCloud hacking leak of Hollywood stars it was only a matter of time "before some enterprising cybercriminal decided that things were ripe for leveraging with socially-engineered threats. 

"And that's just what happened."

TrendMicro said they found the first attack on Twitter, in the form of a tweet being posted with hashtags that contain the name of one of the leak's victims - Jennifer Lawrence. 

"The tweet spots a shortened link that, if clicked, leads the user to a website offering a video of the actress in question."

The tweets with the hashtag #jenniferlawrence include a shortened link to a video but users are directed to download a "video converter" that is actually malicious software. 

Symantec said scammers were sending fake texts and emails pretending to be from Apple support and saying that as part of the nude photo hacking, their computers had been compromised.

In a classic phishing scam, the cyber villains send messages that appear to be legitimate, convincing victims to enter their account information. 

Spark said the company had no information linking their woes to the global scam at this stage.

Roberts said in the attack they were seeing in New Zealand - which on a global scale is decidedly average but is large here - the cyber crooks aim to get malware or bugs planted into innocent computers.

And it is from those computers that a massive amount of data was fired back out on the internet, creating a "denial of service" attack.

These select particular targets - such as banks - in an attempt to hack their computers.

Roberts said they do not yet know where the initial attack was coming from.

The malware installed onto the innocent computers is generating denial of service attacks toward Europe.

"That's been done by international cyber criminals who have installed this malicious software," he said.

He said Spark had identified at least a dozen computers with the malware accidentally installed on them.

Roberts said people should not click on "dodgy" emails and files if they did not know what was in them or where they came from.