New Zealand Central Bank Cyber Attack

Uploaded on 2021-01-18 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Financial

The Reserve Bank New Zealand has reported that it suffered a "malicious and illegal breach” of one of its third-party data sharing application systems used by the bank and apologised to customers for some problems that the cyber attack caused, ordering an immediate independent investigation. "We are working closely with domestic and international cyber security experts and other relevant authorities as part of our investigation and response to this malicious attack," Governor Adrian Orr said in a statement issued on January 15th.

It is unclear when the breach took place, who was responsible, and in what country the file-sharing service is based. It will take time to understand the full implications of the breach, according to the bank.

“In addition to the forensic cyber investigation currently underway, we have appointed an independent third party to undertake a comprehensive general review of this incident. We will be as transparent and clear as possible as this progresses, and will release the review’s terms of reference shortly... The nature and extent of information that has been potentially accessed is still being determined, but it may include some commercially and personally sensitive information," the Bank said.

A detailed forensic cyber investigation is underway and the Bank is working directly with affected stakeholders whose information may have been breached. In its 2019 Financial Stability report, the RBNZ warned that cyber attacks  were on the rise in New Zealand and that  "More extreme events have a low probability but are still plausible.”

Several other major organisations in New Zealand have been attacked in the past year, notably including the New Zealand Stock Exchange which was  targeted by sustained distributed denial of service (DDoS) attacks which halted trading for almost a week. In February of last year  the RBNZ reported that the expected cost of cyber incidents for the banking and insurance industry was between NZD80m ($58m) and NZD140m per year.

In its latest report, the New Zealand government agency CERT (Computer Emergency Response Team) said cyber attacks in the country had increased 33% year-on-year.

RBNZ:       Bloomberg:      DW:       NBC:         Yahoo:         StraitsTimes:       

You Might Also Read:

North Korean Hackers Specialise In Financial Theft:

 

« Spies In Cyberspace
Five Reasons Why Women Should Consider A Career In Cyber Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

European Council on Foreign Relations (ECFR)

European Council on Foreign Relations (ECFR)

ECFR is a pan-European think-tank conducting research and promote informed debate on European foreign policy. Cyber security is becoming an intrinsic element of foreign policy debate.

Cyber Security Recruiters

Cyber Security Recruiters

Cyber Security Recruiters is a niche recruiting firm who finds impact players for our clients in the Information Security Space.

Cellebrite

Cellebrite

Cellebrite delivers comprehensive solutions for mobile data forensics and mobile lifecycle management.

CLUSIS

CLUSIS

CLUSIS is an association for the information security industry in Switzerland.

Cyber Akademie (CAk)

Cyber Akademie (CAk)

Cyber Akademie is a training and education center providing high-quality training and information events on information security and data protection.

ACI Worldwide

ACI Worldwide

ACI Worldwide powers electronic payments for more than 5,000 organizations around the world.

ICS2

ICS2

ICS² is the first cyber security company focusing on protecting the control system of power, oil, gas, and petrochemicals plants.

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI) is recognized as Thailand’s leader in cyber investigations and digital forensics.

Araxxe

Araxxe

Araxxe delivers Revenue Assurance, End-to-End Billing Verification and Interconnect Fraud Detection solutions to communication companies worldwide.

Dell Technologies

Dell Technologies

Dell Technologies Consulting Services enables a highly resilient business amidst the proliferation of cloud-based IT services and constant threats to your most critical information.

bluedog Security Monitoring

bluedog Security Monitoring

Sentinel from bluedog provides powerful and affordable internal network monitoring.

BrandProtections.Online

BrandProtections.Online

BrandProtections.online offer end-to-end customer support solutions to help protect against threats which may affect your brand online.

Hold Security

Hold Security

Hold Security works with companies of all sizes to provide unparalleled Threat Intelligence services that actually make a difference.

LOGbinder

LOGbinder

LOGbinder eliminates blind spots in security intelligence for endpoints and applications.

Gatefy

Gatefy

Getfy is a cybersecurity company specialized in artificial intelligence and machine learning. We work to solve challenging issues, especially those involving email security.

Dedagroup (Deda)

Dedagroup (Deda)

Dedagroup provide application solutions and IT services to bring innovation at the core of business processes.