Cyber Incident Victim: Melbourne IT

On April 13, 2017, Melbourne IT experienced a significant distributed denial-of-service (DDoS) attack targeting its DNS servers, beginning at 10 am local time (12 am BST). The attack disrupted multiple services, including web hosting platforms (Cloud and cPanel), email systems, and access to the Console customer administration portal. This outage affected a substantial number of customers relying on the ISP’s infrastructure. Melbourne IT responded by activating its standard DDoS mitigation protocols and implementing international traffic management measures to contain the attack. Service restoration efforts progressed steadily, with normal operations resuming by 11:30 am local time—approximately 90 minutes after the initial disruption. The company publicly confirmed the incident and characterized it as a "large DDoS attack" in its official statement, though it did not disclose the attack’s precise scale, origin, or motivation.

Industry experts cited in subsequent analyses noted broader implications of the incident. Commentators highlighted the growing trend of DNS-targeted attacks and emphasized the disruptive potential of such assaults on critical internet infrastructure. References were made to the 2016 Dyn attack as a precedent for large-scale DDoS campaigns against DNS providers, with observers expressing surprise that similar incidents remained relatively uncommon. Discussions also centered on the evolving scale of DDoS threats, particularly citing concerns about botnets like Mirai that could overwhelm conventional mitigation defenses. Experts uniformly acknowledged that while ISPs typically employ effective countermeasures against standard DDoS attacks, extreme-scale assaults could exceed defensive capacities, creating systemic vulnerabilities across dependent services and organizations. Melbourne IT did not report additional technical specifics about attack vectors or long-term operational consequences beyond the immediate service interruption window.