Posted on January 11, 2021 at 12:01 PM
The Central bank of New Zealand has recently reported a hacking incident on one of its data systems. According to the report, the anonymous hacker accessed personally and commercially sensitive information from its server.
The stolen information was retrieved from a third-party service utilized by the Reserve Bank of New Zealand for sharing and storing information.
However, the governor of the central bank Adrian Orr informed the public that the bank has stopped the breach, and the core functions of the bank are still “sound and operational.”
Orr said the banking systems have been contained and removed offline to aid investigation and protect other systems from a similar attack.
He however revealed that the bank is working closely with local and international cybersecurity experts to provide the right response to the attack.
Orr didn’t state whether a criminal organization or a government-sponsored group is involved in the attack.
The past few months have seen several New Zealand organizations targeted by hackers.
Orr also said the bank has informed system users whose information may have been compromised, adding that it will take a little time to completely comprehend the full implications of the recent hacking incident.
The bank refused to provide more information about hacking incidence.
Also, it’s not clear whether the bank has determined who was responsible for the breach, when it occurred, or the nationality of the file-sharing service.
In August last year, the New Zealand Stock Exchange was the victim of a hacking attack when its servers were taken out of the internet for 6 days.
The attack is probably from a state-backed group
Professor of computer science at Auckland University Dave Parry said the attack is most probably the handiwork of a government-sponsored group due to the nature of the attack.
He said the attack is probably from one government to another, which makes sense considering the high-value target and the fact that no ransom we\as demanded. According to him, if it were from a private organization, a ransom demand would have been sent after the attack.
In New Zealand’s Stock Exchange (NZX) cyberattack, the perpetrators hit the stock exchange on two consecutive days, impacting the exchange’s network connectivity.
For the first attack, NZX was hit by a distributed denial of service (DDoS) attack from abroad, according to the report at the time.
After the second attack, trading was halted briefly on the exchange before resuming the same day.
Like New Zealand’s central bank attack, the NZX attack came from a third party.
In November last year, New Zealand cybersecurity organization CertNZ reported that some threat actors are sending emails to companies with the threat of DDoS attacks if a ransom was not paid. The emails showed the threat is coming from a renounced hacking group Fancy Bear.
But at the time, CertNZ said the threat was just a scare tactic, and it has not been carried out.
A flurry of cyber attacks in New Zealand
Organizations and companies in New Zealand are seriously facing threats of cyberattacks from malicious hacking groups. Several organizations have been targeted in the past, apart from the NZX and New Zealand Central Bank, the latest victim.
The country’s Minister of Justice Andrew Little noted that New Zealand is presently under siege when it comes to cyber-attack incidences. He said the level of cyber attacks on organizations is “at a devastating scale.”
Mr. Little, while speaking to Associated Press, revealed that law enforcement have begun serious work to fish out those responsible for the attacks. However, the job will not come easy since they need to track thousands of zombie computers used to launch the DDoS attacks.
He also stressed that some targeted firms have received emails asking them to pay ransom or risk being targeted. While advising the victims and potential targets, Mr. Little told them not to accept paying any kind of ransom to the hackers because it will encourage more crime.
In the past, hackers only demand ransom after the successful launch of an attack and the theft of valuable information. However, in the case these days, some of them even demand ransom for not launching cyberattacks, Little reiterated.
However, the attack on the central bank may be linked to a state-backed group, according to the report about the incident.