New Zealand Central Bank Cyber Attack

Uploaded on 2021-01-18 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Financial

The Reserve Bank New Zealand has reported that it suffered a "malicious and illegal breach” of one of its third-party data sharing application systems used by the bank and apologised to customers for some problems that the cyber attack caused, ordering an immediate independent investigation. "We are working closely with domestic and international cyber security experts and other relevant authorities as part of our investigation and response to this malicious attack," Governor Adrian Orr said in a statement issued on January 15th.

It is unclear when the breach took place, who was responsible, and in what country the file-sharing service is based. It will take time to understand the full implications of the breach, according to the bank.

“In addition to the forensic cyber investigation currently underway, we have appointed an independent third party to undertake a comprehensive general review of this incident. We will be as transparent and clear as possible as this progresses, and will release the review’s terms of reference shortly... The nature and extent of information that has been potentially accessed is still being determined, but it may include some commercially and personally sensitive information," the Bank said.

A detailed forensic cyber investigation is underway and the Bank is working directly with affected stakeholders whose information may have been breached. In its 2019 Financial Stability report, the RBNZ warned that cyber attacks  were on the rise in New Zealand and that  "More extreme events have a low probability but are still plausible.”

Several other major organisations in New Zealand have been attacked in the past year, notably including the New Zealand Stock Exchange which was  targeted by sustained distributed denial of service (DDoS) attacks which halted trading for almost a week. In February of last year  the RBNZ reported that the expected cost of cyber incidents for the banking and insurance industry was between NZD80m ($58m) and NZD140m per year.

In its latest report, the New Zealand government agency CERT (Computer Emergency Response Team) said cyber attacks in the country had increased 33% year-on-year.

RBNZ:       Bloomberg:      DW:       NBC:         Yahoo:         StraitsTimes:       

You Might Also Read:

North Korean Hackers Specialise In Financial Theft:

 

« Spies In Cyberspace
Five Reasons Why Women Should Consider A Career In Cyber Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Threat Intelligence

Threat Intelligence

Threat Intelligence is a specialist security company providing penetration testing, threat intelligence, incident response and training services.

CICRA

CICRA

CICRA is Sri Lanka's pioneering cyber security training and consultancy provider.

ENLIGHTENi

ENLIGHTENi

ENLIGHTENi are the platform to develop next-gen talent in Technology, Risk, and Cybersecurity. Our mission is to develop next-gen talent through challenge-based learning and team collaboration.

Cambridge Cybercrime Centre

Cambridge Cybercrime Centre

The Cambridge Cybercrime Centre is a multi-disciplinary initiative combining expertise from the Department of Computer Science and Technology, Institute of Criminology and Faculty of Law.

THEC-Incubator

THEC-Incubator

THEC-Incubator program is designed for international and ambitious tech startups in the Netherlands. Areas of focus include Blockchain and Cyber Security.

Diateam

Diateam

Diateam is an R&D company specializing in computer security. Diateam develops highly innovative cyber range platforms and Industry-leading systems for cybersecurity training and testing labs.

Cryptoloc

Cryptoloc

Cryptoloc's core business is developing solutions designed to protect businesses from all kinds of security threats using a unique patented cryptography.

Depth Security

Depth Security

Depth Security assessment services provide organizations with real-world visibility into threats facing their infrastructure and applications.

DisruptOps

DisruptOps

Built for today’s cloud-scale enterprises, DisruptOps’ Cloud Detection and Response platform automates assessment and remediation procedures of critical cloud security issues.

SHIELD

SHIELD

SHIELD are the world’s leading cybersecurity company specializing in cyber fraud and identity solutions.

Nonprofit Cyber

Nonprofit Cyber

Nonprofit Cyber is a first-of-its-kind coalition of global nonprofit organizations to enhance joint action to improve cybersecurity.

Hexens

Hexens

Hexens introduces a whole new approach to cybersecurity solutions. Indisputable skills and a unique super-focused perspective on every single case are the values we create.

Information Systems Security Association (ISSA)

Information Systems Security Association (ISSA)

ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

MyKRIS Asia

MyKRIS Asia

MyKRIS specialise in providing and managing Internet network services and cyber security services to enterprises.

Piiano

Piiano

Piiano offers developer-friendly privacy and security products. Reduce risk and protect your data by using our specialized security and privacy SaaS tools.

XONA

XONA

XONA is The Zero Trust user access platform for the OT enterprise. Secure operational access to critical systems - from anywhere.