
NZ Post plans outage and ANZ faces ongoing disruption amid cyber attacks

Thursday, 9 September 2021

NZ Post will take down all its major IT systems on Thursday evening for work that appears to be linked to a spate of denial-of-service attacks on New Zealand businesses.

The company said customers would not be able to book courier pick-ups, print post labels, track items or check and validate addresses during the short “planned outage” this evening.

There was a chance the outage could be longer than expected, it said.

NZ Post said the work was needed as a result of “some issues at one of our third-party IT suppliers” which caused intermittent disruptions to its website on Wednesday.


A spokeswoman would not comment on whether those issues were linked to the denial-of-service attacks that appear to have caused a variety of problems on Wednesday and Thursday, including for ANZ.

“We are taking additional actions tonight as a precaution to improve the stability of our services,” she said.

NZ Post now offers courier bags made from plastic diverted from landfill and produced in Hamilton using green power.

ANZ customers faced further problems accessing internet banking on Thursday, amid signs a denial-of-service attack on the bank had resumed.

More than 650 customers reported problems accessing the bank online during a 15-minute period around 9.30am when the issues appeared to reach a second peak.

On Wednesday morning, the number of complaints recorded by website monitoring service Down Detector peaked at more than 1000 in a 15-minute period.

A wider range of organisations, also including Kiwibank, appeared to be affected by the attacks on Wednesday.

The message greeting some ANZ customers when they tried to access internet banking on Thursday.

A spokesman for cyber-security agency Cert NZ said it was “aware that disruptions to some online services are continuing today”.

“We can reassure people that we are working very hard with those affected and our sector partners to understand and monitor the situation and support recovery efforts. No further organisations have reported attacks to us today,” he said.

Customers were told to try again later if they were having problems.

DDoS (distributed denial of service) attacks involve cyber-criminals overloading and crashing an organisation’s online services by bombarding their internet-facing systems with vast amounts of traffic.

Because they do not involve hacking into an organisation’s computer systems, there is no risk of bank customers losing money or having information stolen through this sort of attack.

Combating DDoS attacks can often be a game of cat and mouse, as victims seek to block the deluge of traffic aimed at their computer servers and attackers change their tactics.

Customers contacted Stuff on Thursday morning, worried they still could not access their ANZ accounts.

“I was able to access my banking at 7am,” one wrote.

“Attempted to log on again at 7.45am to be told there was an unexpected error when trying to log in and kicked off the app. For the second day in a row.”

Another said they had no luck logging on either on their phone or computer during the early afternoon.

Spokesman Stefan Herrick was aware of some problems.

“Some customers are experiencing issues accessing internet banking and ANZ goMoney,” he said.

“If customers are having trouble getting through we would ask them to try again later. Our support teams are continuing to work hard to improve access. We apologise for any inconvenience this has caused and thank customers for their patience.”

Digital Economy Minister David Clark said on Wednesday that he had been told by cyber-security agency Cert NZ that a number of organisations had experienced disruption to their online services.

“Efforts to ascertain the impact of this incident are ongoing. I won’t get ahead of this process,” he said on Wednesday afternoon.

What are DDoS attacks?

Often simply described as denial-of-service attacks, DDoS attacks are carried out by cyber-criminals who hire or hijack large numbers of malware-infected computers.

They use these to bombard an organisation’s online services with huge amounts of traffic, such as requests to connect, overloading them so they can’t deal with genuine requests and they appear to be offline.

Large organisations generally defend against DDoS attacks by using technology tools to identify and shut off the sources of the spurious traffic bombarding their services, which can originate from networks of malware-infected computers that could be anywhere in the world.

Attackers often route their rogue traffic through poorly configured web servers owned by legitimate organisations, to disguise the true source of their attacks.

Sometimes attacks stop, only to be rerouted or restarted from a different source, which can make the task of shutting down denial-of-service attacks a game of “cat and mouse”.

Commonly, attackers demand ransoms to stop their attacks, though it is believed these are rarely paid.

Past DDoS attacks

DDoS attacks have been around for decades.

Both attackers and defenders have become better at their games.

But the growing availability of fibre-to-the-home means the compromised computers that are usually used to conduct attacks can pack more of a punch because they can send out more rogue traffic.

September 2021: A customer of New Zealand’s third largest internet provider, Vocus, experienced a denial-of-service attack. Vocus’ attempts to help it defend against the attack went wrong, resulting in outages for its internet brands Slingshot, Orcon and Stuff Fibre, and for wholesale customer Sky Broadband.

September 2020: The NZX experienced a series of large-scale DDoS attacks that took its website offline. Because the NZX’s website is used to distribute price-sensitive market announcements, the NZX took the decision to also suspend share trading during the initial attacks, before a policy change.

2012: Activists associated with hacking group Anonymous vented their outrage at Kim Dotcom's arrest in New Zealand by temporarily blocking access to the websites of the United States FBI and Justice Department, and recording label Universal Music Group.

Many DDoS attacks in the past used to be associated with such civil disobedience, though now the motive is usually blackmail and profit.

2007: The entire country of Estonia was largely knocked offline during a period of high tension with neighbouring Russia.