New Zealand’s Computer Emergency Response Team (CERT) has published a notice to declare its awareness of a DDoS (distributed denial of service) attack targeting a number of organizations in the country. As the cybersecurity incident response entity writes on its website, for now, they are monitoring the situation and working with the affected parties to help them contain the attack and get back to normal operational status.
The most notable entities that are experiencing trouble due to the ongoing DDoS attacks are the NZ Post, the Australia and New Zealand Banking Group Ltd., the NZ Police, the MetService, and the Kiwibank. The websites of these entities are either very slow and unresponsive or completely out of access. The problems oftentimes spread to the apps of these organizations, like the net banking services of AZN and Kiwibank, so the business impact is significant.
The companies have tried to reassure their clients that DDoS attacks don’t mean their private data is at risk and also promised to reimburse them for any losses they suffer as a result of the intermittent disruptions. Still, the longer the DDoS trouble remains, the more problematic the situation will be for all parties. Last summer, when DDoS actors hit New Zealand’s stock exchange, the networks remained overloaded for days, so the hope is that this won’t be the case this time.
However, what is happening now is merely the continuation of a constant wave of DDoS attacks that hit the country’s key services. Only last week, internet service provider 'Vocus' was hit by a catastrophic DDoS attack that introduced widespread outages affecting Auckland, Wellington, and Christchurch. This attack essentially cut off approximately 15% of New Zealand’s internet connectivity. As such, this latest attack isn’t a rare or isolated incident but more of a typical and periodic threat.
The notable aspect of the story is that despite New Zealand’s most powerful entities deploying state-of-the-art security tools and anti-DDoS mechanisms, actors are still finding a way to cause lengthy outages. Usually, those actors are doing it to extract money from the victimized entities in the form of ransom, but it could also be a case of being revengeful. The persistence of the actors would be justified in either case, but we don’t have any actual details about the exact motives of those responsible.