All of us here at Zzoomm would like to apologise for the service interruptions experienced in Henley-on-Thames over the last week. We have not delivered the level of reliability that you have every right to expect from the Zzoomm service.
What happened
Our upstream network provider suffered a series of Distributed Denial of Service (DDOS) attacks. These were instigated by a malicious party who has attempted to extort payment from another of their customers. They effectively flooded the upstream network with traffic overloading their systems. This attack was not aimed at Zzoomm or any of Zzoomm’s customers: we (and our customers) were just caught in the crossfire. I would like to assure all home and business customers, you and your data was never at any risk. This attack was aimed at the network provider and did not and does not constitute any security risk to our customers’ service or personal data.
A more technical description can be found here: https://www.ncsc.gov.uk/collection/denial-service-dos-guidance-collection
A less technical description is to imagine Zzoomm is a shop in a high street (our upstream provider). The malicious party has targeted the shop next door to Zzoomm called the Chilli Store. They disrupt the Chilli Store by sending 1000 people from lots of different nearby towns to pretend to be customers and browse around the Chilli Store, which only has a capacity for 20 customers at any one time. As a result, all those “fake customers” trying to get into the Chilli Store at the same time prevent it from serving any real customers. Unfortunately, they also block the nearby shop entrances (Zzoomm) and sometimes the entire high street, disrupting many other shops in the process. The malicious party promises to stop sending these “fake customers” to the Chilli Store in return for a payment.
This is a criminal act and has been reported to the authorities.
So what have we done?
Working with our upstream provider we have looked at how together we can (1) limit the impact of these attacks and (2) respond faster to the attacks. Specifically, our upstream provider has put in place a DDOS filtering service which should make the type of attack that they, and we, have experienced over the last week ineffective. In addition, we are putting in place more capacity in the core network, which will make it more difficult to be overwhelmed by DDOS attacks. Finally, we are improving our management tools to allow us to respond faster to reconfigure the core network to sidestep different attack vectors. Making these changes has taken time as services and equipment need to be ordered, delivered, provisioned, tested and made live.
What next?
Firstly, we have given every home and business customer a free period of service for the disruption suffered.
Secondly, we will upgrade every home customer from the beginning of July to a fully symmetrical service giving the “Match” power up until the end of August at no charge, giving them the same upload speed as download, to improve the performance of the service for the next couple of months. For customers that already pay for “Match”, we will provide this free until the end of August. We will apply all the appropriate changes automatically.
Thirdly, we will create a service status page linked from our website which can be accessed simply from a smartphone or web browser which will detail any known issues with the Zzoomm service. This will make it quicker and simpler to check for any service disruption.
Finally, we will continue to work with all our partners to put in place improved defences and heightened checks to limit the impact of any attacks in the future.
I apologise once again on behalf of the Zzoomm team.
Yours sincerely,
Matthew Hare
Chief Executive