RBNZ takes action on cyber attack
AUCKLAND: The Reserve Bank of New Zealand is responding ‘‘with urgency’’ to a breach of one of its data systems.
A thirdparty file sharing service used by the bank to share and store some sensitive information, has been illegally accessed.
Governor Adrian Orr says the breach has been contained, and the bank is treating the matter with the highest priority, and acting with urgency.
‘‘We are working closely with domestic and international cyber security experts and other relevant authorities as part of our investigation and response to this malicious attack. The nature and extent of information that has been potentially accessed is still being determined, but it may include some commercially and personally sensitive information.
‘‘The system has been secured and taken offline until we have completed our initial investigations. It will take time to understand the full implications of this breach, and we are working with system users whose information may have been accessed. Our core functions remain sound and operational.’’
A spokesman for the RBNZ refused to immediately name the thirdparty provider, nor if the GCSB or any other government security agency had been called in to assist.
Cyber attacks have increased in the past 12 months, according to Crown agency Cert (Computer Emergency Response Team) NZ. Attacks had increased 33% yearonyear, it said.
August and September saw the GCSB come to NZX's aid as the local stock exchange struggled to repel a series of DDoS (distributed denial of service) attacks that overwhelmed its website.
Earlier in 2020, there were cyber attacks on several corporate targets, including Fisher & Paykel Appliances, Toll Group and Lion.
In F&P Appliance's case, a ‘‘ransomware’’ gang leaked some of its spreadsheet and planning files on to the internet, in a bid to pressure the company to pay for the return of its stolen files. F&P refused. — The New Zealand Herald