NordVPN is one of the most popular VPN software in the world, and it’s also one of the most demanding. Its supported countries and regions include North America, Europe, and Australia. In the last few days, Reddit users noticed something rather peculiar about the servers of the popular VPN provider in Australia.
In the middle of March, the Australian NordVPN servers suddenly stopped responding to normal DNS lookups and domain name resolution requests. It turns out that the problem was in a DDoS (Distributed Denial of Service) attack that was launched against the servers late last year. In a blog post, the administrators of the popular VPN provider in Australia stated that this was caused by the huge increase in the number of customers using the service.
The DDOS Attack
Late in October 2019, the Australian servers of NordVPN were the target of a large distributed denial of service (DDoS) attack. This type of attack is when an organization or group of individuals deliberately overloads a website or service with useless traffic, in an attempt to shut it down. In this case, the attackers specifically targeted the Australian servers of NordVPN, and they succeeded in taking down one of the largest VPN providers in the country. The attack was not limited to just the Australian servers of NordVPN, as the DDoS tool used was specifically designed to target the popular VPN provider, and it would continuously launch similar attacks until it was taken down.
According to the admins of the Australian VPN server, the attack was launched by two APT (Advanced Persistent Threat) groups that were calling themselves the Phantom Squad and the Shadow Brokers, and it was possibly even supported by the Russian government. The Australian authorities have not confirmed this, however, and the case is still under investigation.
DDoS Attacks Are On the Rise
The administrators of the Australian NordVPN servers stated that, due to increased demand and the success of the recent attack, they had to upgrade their network and increase their server capacity by 256% last month alone. In fact, since the beginning of this year, the number of customers using the service has increased by 40%, meaning that it’s currently performing very well, considering the recent server issues.
The trend of VPN services being hacked and taken offline by powerful hackers and cybercriminals is becoming commonplace. In January 2020, Express VPN reported that, since the beginning of this year, their service had been hacked and taken offline by a well-known security group ‘Pantspaw’. This is not the first time that a VPN provider has been targeted by a large security group, and it’s probably not the last. The increasing power and numbers of these ‘malign networks of influence’ is creating a serious dent in the online security of individuals that use these services.
Australian Authorities Acted Quickly
In the case of the recent Australian server issue, it wasn’t just the quality of the service that suffered, but it also impacted on the security and privacy of the individuals using it. It is well known that VPNs can be used to keep private and sensitive information hidden, and the admins of the Australian servers stated that the delay in taking action was caused by bureaucracy and a lack of understanding of the serious nature of the issue. They also stated that they were not receiving adequate support from the Australian authorities, meaning that the issue will continue to plague them.
After the huge DDoS attack that took out the Australian servers of NordVPN, the company stated that they were temporarily down, but that they were functioning normally, aside from a few hiccups. The VPN firm has since recovered, and they’re currently preparing a blog post to share more details about the attack.