Cyber-attacks are causing intermittent service issues for New Zealand websites and banking services.  

Banks ANZ and Kiwibank, and popular websites such as NZ Post and MetService, were suffering intermittent issues.

It is not yet known if the attacks, which affected NZ banks and popular websites, were targeted towards several organisations, a technology service provider, or both.  

"Cert NZ is aware of a DDoS attack targeting a number of NZ organisations," government cybersecurity agency Cert NZ tweeted Wednesday morning.  

"We are monitoring the situation and are working with affected parties where we can." 

Distributed denial of service (DDoS) attacks, like those directed at the NZX last year, overwhelm online services with requests to make them unavailable.  

There is no potential for the private customer data of the affected companies to be stolen.  

Aura Information Security’s general manager Peter Bailey said DDoS attacks in NZ are ramping up.  

“They're much more widespread than we've seen in the past, you know, and today is a prime example of a number of organisations being hit at once,” he told BusinessDesk. 

“They certainly seem to have had a lot of effects on networks and how they're functioning, whereas, in the past, we've seen DDoS attacks that really are quite good at just targeting a single entity.” 

Kiwibank and ANZ experienced issues with their online and app banking services. 

Both banks alerted customers to the service outages this morning on social media, with Kiwibank's phone banking also affected. 

"We're experiencing an outage in regard to our internet banking and are working on it as quickly as possible," ANZ spokesperson Stefan Herrick told BusinessDesk.

Bailey said it was possible that an attack on a single organisation could have spread to affect other businesses, as happened when DDoS attacks disrupted the NZX last year.

“We saw this with the NZX, sometimes the attacks are so big that it sort of spills over into other organisations and affects their computing power as well. 

“If you get a big enough attack, it starts to kind of slow everything down.” 

Tight-lipped 

It is not yet known if the cyber-attacks targeted one or several organisations, or technology service providers. 

“Any incidents reported to the NCSC are treated on a commercial in confidence basis. This helps to encourage organisations to engage with us when they have been subject to a cyber-security incident,” a National Cyber Security Centre (NCSC) spokesperson told BusinessDesk. 

“We are limited in any public comment we will make as we are aware that malicious cyber actors can follow what is reported publicly, and may change their behaviour based on media reporting of their activity.” 

Cert NZ was as tight-lipped as its social media channels.  

“We are currently working with our sector partners to understand and monitor the situation. We will not be commenting any further at this stage,” a Cert NZ spokesperson told BusinessDesk.  

“Cert informs me a number of organisations have had disruption to their online services today,” said digital economy and communications minister David Clark.

“At this time, efforts to ascertain the impact of this incident are ongoing. I won’t get ahead of this process.”

Aura’s Bailey said this low level of information was usual and it was unlikely the cause of the attacks would be known for a couple of days.

“If it's targeted for money, if it’s targeted for ransom, then it's likely to be at an organisation or a group of organisations that they [attackers] can exploit cash from.  

“If it's at a service provider, then that's more, I would say, disrupting service and stopping things from functioning properly.” 

He said if the DDoS attacks are not financially motivated it could point to nation-state activity against NZ.  

Ongoing 

It was confirmed earlier that the ongoing issues are not related to internet outages, with Vodafone, Spark, 2degrees, Vocus and Chorus all reporting good national network performance.  

An AWS spokesperson told BusinessDesk they were not aware of any disruption to Amazon’s cloud services that are widely used in NZ businesses’ online infrastructure.  

The service issues for the banks come after several days of disruption for Kiwibank customers, who were first affected by a Vocus network disruption on Friday and again over the weekend as Kiwibank experienced service problems.

A DDoS attack on a Vocus customer resulted in network issues across NZ on Friday, raising the possibility that Kiwibank and ANZ have been targeted with cyber-attacks.

Kiwibank said on Tuesday morning in a Twitter post that it had resolved the issues faced over the weekend.  

“Our teams have worked to implement a fix overnight and all banking systems are up and running this morning.  

“We’re continuing to monitor our systems and want to thank you for your patience and understanding as our teams worked to urgently resolve the issue.” 

Customers expressed their frustrations on social media, with one tweeting about Kiwibank, “Again!! Was OK the first 2 times ... this is getting a bit silly now”. 

“This is seriously impacting businesses' ability to function. We need reliable access to banking facilities. Who will be resigning?” tweeted another.

The weekend outages stopped customers from accessing their banking accounts online, though Kiwibank said the disruption had not affected automatic payments or government, salary and wage payments.