SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Another cyber attack on NZ businesses - analysis
Thu, 9th Sep 2021
FYI, this story is more than a year old

Kiwi bank and ANZ along with New Zealand Post, Inland Revenue and Metservice all experienced blacks-out due to a cyber-attack earlier today.

Cyber attackers took down multiple New Zealand websites and services today in what appears to be a co-ordinated hit.

Kiwi bank and ANZ customers also reported problems with internet banking and being locked out of their accounts.

And the government's computer emergency response team CERT NZ confirmed it's monitoring multiple denial of service attacks

AUT professor of computer science Dave Parry says the attacks are similiar to those that hit businesses this year.

"It's very similar to the attacks that happened previously this year, effectively what's happening is that attackers presumably criminal gangs are effectovely setting up lots of bots as they're called which are computers they are controlling by inserting a virus into them and those are all over the world.

"They are basically hitting these websites with lots of requests, so much so that the websites can't cope with it and then it can't provide service to anybody and effectively what's happening is that the way they do this is they attack you then they ask for ransom money."

Although some people may expect banks to have security measures, Parry says these attacks put banks in a precarious situation.

"The problem is what's happened in this situation is the way you defend against these attacks is you effectively identify that the requests are suspicious somehow... now they will do that but they also don't want to block out legitimate requests.

"So, particularly for banks they're in quite a difficult position because of course people want to have the transactions going on and you don't want to be blocked from doing a transaction because the bank suddenly halfway through your transaction says 'well I'm not sure about your computer anymore maybe I'll block you for a bit.'"

"The banks have got quite a delicate balancing act and quite often in this situation what happens is the banks deliberately reduce the amount of service they are providing over the internet in order to be able to manage it better."

The banks' response doesn't indicate they are failing to do their job but instead that they are being careful to reduce the amount of transactions which are affected, Parry says.

He says criminal groups will be aware that New Zealand has been in lockdown and this could provide added motivation to attack.

"There will certainly be that kind of thing happening, these guys are constantly monitoring for weaknesses in both security and also events that are happening which may persuade people to be more vulnerable.

"Anywhere in lockdown is going to be using the internet more so it's a good time to attack if you're doing that sort of thing."

With many people around the globe working from home due to the COVID-19 pandemic, Parry says cyber-security measures are more likely to slip and this can allow attackers to hijack more computers.

"Truthfully, I think in the COVID-19 world where so many people are working from home security tends to go down... people share computers, use WiFi that's local and they do all sorts of things.

"I think there's probably some sort of effect happening in some of the places where the computers are being hijacked to attack that more of those are happening because of COVID-19 and because more (people) are working from home."

Parry says a lot of cyber-attacks are coming from the US-based computers with gangs orchestrating attacks from overseas to target places like New Zealand.