New Zealand Central Bank Cyber Attack

The Reserve Bank New Zealand has reported that it suffered a "malicious and illegal breach” of one of its third-party data sharing application systems used by the bank and apologised to customers for some problems that the cyber attack caused, ordering an immediate independent investigation. "We are working closely with domestic and international cyber security experts and other relevant authorities as part of our investigation and response to this malicious attack," Governor Adrian Orr said in a statement issued on January 15th.

It is unclear when the breach took place, who was responsible, and in what country the file-sharing service is based. It will take time to understand the full implications of the breach, according to the bank.

“In addition to the forensic cyber investigation currently underway, we have appointed an independent third party to undertake a comprehensive general review of this incident. We will be as transparent and clear as possible as this progresses, and will release the review’s terms of reference shortly... The nature and extent of information that has been potentially accessed is still being determined, but it may include some commercially and personally sensitive information," the Bank said.

A detailed forensic cyber investigation is underway and the Bank is working directly with affected stakeholders whose information may have been breached. In its 2019 Financial Stability report, the RBNZ warned that cyber attacks  were on the rise in New Zealand and that  "More extreme events have a low probability but are still plausible.”

Several other major organisations in New Zealand have been attacked in the past year, notably including the New Zealand Stock Exchange which was  targeted by sustained distributed denial of service (DDoS) attacks which halted trading for almost a week. In February of last year  the RBNZ reported that the expected cost of cyber incidents for the banking and insurance industry was between NZD80m ($58m) and NZD140m per year.

In its latest report, the New Zealand government agency CERT (Computer Emergency Response Team) said cyber attacks in the country had increased 33% year-on-year.

RBNZ:       Bloomberg:      DW:       NBC:         Yahoo:         StraitsTimes:       

You Might Also Read:

North Korean Hackers Specialise In Financial Theft:

 

« Spies In Cyberspace
Five Reasons Why Women Should Consider A Career In Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Imperva

Imperva

Imperva is a leading provider of data and application security solutions including DDoS protection, Web application security, Data security and Cloud security.

Orolia

Orolia

Orolia are experts in deploying high precision GPS time through network infrastructure to synchronize critical operations.

Perspective Risk

Perspective Risk

Perspective Risk provides penetration testing, security assessments, risk management & compliance solutions, InfoSec training and consultancy services.

Clearwater Security & Compliance

Clearwater Security & Compliance

Clearwater Compliance specialize in Privacy, Security, Compliance and Risk Management Solutions for Health Care, Law Firms and other businesses.

H-ON Consulting

H-ON Consulting

H-ON Consulting develops and applies robust cyber security procedures enabling control systems to be secure.

Brighter AI

Brighter AI

Brighter AI empowers companies to use publicly-recorded camera data for analytics & AI while being compliant with increasing data privacy regulations worldwide.

EvoNexus

EvoNexus

EvoNexus is a technology startup incubator with locations in San Diego, Orange County, and Silicon Valley.

Patriot Cyber Defense

Patriot Cyber Defense

Patriot Cyber Defense is a Cyber Security and Management Consulting professional services firm.

InfoSec Conferences

InfoSec Conferences

InfoSec Conferences is an online directory of infosec conferences. We list every single Information Security conference, event and seminar within every niche in Cybersecurity.

Forta

Forta

Forta is a real-time detection network for security & operational monitoring of blockchain activity.

Krista Software

Krista Software

Krista is an intelligent automation platform that combines iPaaS and Conversational AI to automate complete business processes across your teams and apps.

Pillar Technology Partners

Pillar Technology Partners

Pillar Technology Partners is an Information Security Company with a focus on improving Cyber Risk and optimizing the processes and technology that underpin the security of your information assets.

Aeries Technology

Aeries Technology

Aeries is a technology services organization offering capabilities in Technology Services, Digital Transformation, and Business Process Management.

Ignite Cyber

Ignite Cyber

IGNITE Cyber is focused on enabling secure technology adoption through intelligent business decisions. We are focused on providing a secure and stable business environment for everyone.

Closed Door Security

Closed Door Security

Closed Door Security is the only cybersecurity team in the north of Scotland offering everything from IASME Certification to CREST-Accredited penetration testing.

CIP Cyber

CIP Cyber

CIP Cyber is an online learning community with a mission of connecting, training, and certifying cybersecurity professionals to protect critical infrastructure.