Incident Report 12/12/2016 DDos Attack - CLOSED

On the 12/12/16 at 14:03 we were the subject of a sustained Denial of Service attack which was focused on our main website and our helpdesk. The helpdesk in particular was leveraged to create 371,433 support tickets in the first hour after which we took the entire system offline to remove all the spurious tickets.

No other GEN Services were affected by the attack. 

We restored the system at 19:21 with a number of filters and restrictions in place to protect it from the attack. 

Going forward there will be a limit of 64 Open tickets per registered user and the lockout for bad password attempts is limited to 4. We strongly encourage helpdesk users to ensure their passwords are sufficiently strong with upper, lower and symbols. The password complexity requirement has been changed to 6 or more characters for new accounts. 

We will also not be allowing accounts to be registered from hotmail.*, gmail.*, yahoo.* etc as these were leveraged in the attack to confirm accounts prior to spamming the helpdesk with tickets.

Use of the HelpDesk API has been locked down to just those IP blocks that currently utilise it for integration, if you require access to the API and this no longer works then please raise a ticket and we'll add you to the allow list.