Tom Pullar-Strecker / Tips
Kiwibank will not say if a cyber attack caused the blackouts on Sunday.
Kiwibank customers said they were unable to access the internet and mobile banking services for much of Sunday as problems plaguing New Zealand banks lasted for a fifth day.
Spokesman Mike Jaspers declined to comment on whether the issues were related to a denial of service (DDoS) attack that is believed to be causing major outages at ANZ from Wednesday, which also impacted Kiwibank. , NZ Post and others.
The bank warned in a tweet at 3:30 p.m. that its online banking service and mobile app could “continue to be intermittent today.”
It is relatively unusual for large organizations such as banks to fail to get DDoS attacks under control quickly, which has sparked speculation that problems with the use of one or more vendor products may have contributed to the attacks. problems.
Jaspers declined to say if this was the case.
* ANZ Online Banking is suspended for a third day
* NZ Post predicts outage, ANZ faces continued disruption amid cyber attacks
* The government is still assessing the impact of Wednesday’s denial of service attacks
NZ Post shut down its website for unspecified work on Thursday evening.
On September 3, the nation’s third largest internet provider, Vocus NZ, experienced blackouts, which chief executive Mark Callander attributed to a DDoS attack on one of its customers and problems with its use of it. ‘a product supplied by the American company Arbor Networks, which is designed to defend against attacks.
Kiwibank has indicated that it will inform customers on social media.
The number of reports of customers having issues with Kiwibank forwarded to the Down Detector outage reporting site peaked at 185 in 15 minutes around 10:30 a.m., before dropping sharply at 11 a.m., only for complaints to resume from noon.
Down Detector also recorded a slew of reports that ASB’s online banking and mobile app went offline early Sunday morning, although the complaints were filed at 9 a.m.
But it is understood that this was not related to a DDoS attack.
Complaints about ASB’s services peaked at around 140 over a 15-minute period around 8 a.m.
What are DDoS attacks?
Often described simply as denial of service attacks, DDoS attacks are carried out by cybercriminals who hire or hijack large numbers of computers infected with malware (the extra “D” in the acronym stands for “distributed”).
They use them to bombard an organization’s online services with huge amounts of traffic, such as connection requests, overloading them so that they cannot process genuine requests and appear to be offline. .
Since victims are not hacked, there should be no risk that they will lose personal information or, if banks are attacked, that people will lose money.
Large organizations typically defend themselves against DDoS attacks by using technological tools to identify and shut down the sources of parasitic traffic bombarding their services, which may originate from networks of computers infected with malware that could be located anywhere in the world. the world.
Attackers often route their malicious traffic through misconfigured web servers owned by legitimate organizations, in order to disguise the true source of their attacks.
Sometimes attacks stop, to be redirected or restarted from a different source, which can make the task of stopping denial of service attacks a cat-and-mouse game.
Usually, attackers demand ransoms to stop their attacks, although it is believed that these are rarely paid.
Past DDoS attacks
DDoS attacks have been around for decades.
Forwards and defenders have become better at their games.
But the increasing availability of fiber to the home means that compromised computers that are typically used to carry out attacks can be more powerful because they can send more malicious traffic.
September 2021: A customer of New Zealand’s third largest internet service provider, Vocus, has suffered a denial of service attack. Vocus’ attempts to help it defend the attack went awry, resulting in outages for its Internet, Slingshot, Orcon and Stuff Fiber brands and its wholesale client Sky Broadband.
September 2020: The NZX has suffered a series of large-scale DDoS attacks that have taken its website offline. Since the NZX website is used to serve price sensitive market announcements, the NZX made the decision to also suspend stock trading during the initial attacks, ahead of a policy change.
2012: Activists associated with hacking group Anonymous have expressed outrage over the arrest of Kim Dotcom in New Zealand by temporarily blocking access to the websites of the FBI and the United States Department of Justice, as well as the Universal Music Group recording label.
Many DDoS attacks in the past were associated with such civil disobedience, although now the motive is usually blackmail and profit.
2007: The entire country of Estonia has been largely taken offline during a period of high tension with neighboring Russia.