New Zealand’s third-largest internet provider said its response to a cyberattack had temporarily caused widespread internet outage. The company said its systems had blocked a denial of service (DDoS) attack on one user, but in doing so, it caused outages for some of its customers in the country’s largest cities, Auckland, Wellington, and Christchurch. According to the company, the problem was resolved in 30 minutes.
“We are working closely with the vendor of this platform to understand why this occurred,” said a company spokesperson. A DDoS attack is an attempt to disrupt internet access, which is usually caused by overloading the target resource. In general, perpetrators flood the attack victim from a variety of sources, making it impossible to stop the attack quickly. Site users across Aotearoa reported problems accessing sites, with major ISPs all reporting a massive spike in connection problems.
The pace of change and emergence of new and complex threats mean constant vigilance is required. By refreshing the action plan each year, we will keep pace with any emerging threat.
– New Zealand Government’s Communications Minister
In the case of a sudden outage, the focus will be on questions such as “how much will it cost, and what steps can the organisation take,” and this is where cybersecurity measures come into play. Options for redundancy or backup may be available. Consumers may be able to avoid problems and stay connected if they have a backup cellular internet service to which they can turn if their fixed service goes down.
Some internet service providers bundle 4G backup with fixed-line broadband, recognising that service continuity is an important feature of modern internet service. Similarly, network redundancy has historically worked for larger organisations, allowing them to avoid connectivity issues. According to new research, 64% of users have Wi-Fi routers in their homes, but 1 in 6 do nothing to protect them. According to an IT company, a group of hackers developed a new method for involving home routers in phishing attacks.
The attackers were hacking and changing the settings of vulnerable routers. After that, they could redirect users to a bogus web page that displayed a message purportedly from the World Health Organisation, instructing them to download an application that provides information about COVID-19. The application would then act as an information thief, uploading the stolen data to the hackers’ servers.
New Zealand’s cyber security solutions and initiatives are required in response to these internet outages and attacks. The New Zealand Government’s Communications Minister has launched an action plan and a national plan to combat cybercrime and keep New Zealanders safe online.
This new strategy highlights New Zealand’s vision of being secure, resilient, and prosperous online. Individuals will be safe online due to this strategy, while New Zealand businesses will be able to thrive and function. This strategy also recognises that New Zealand’s ability to be secure and resilient online is critical to developing a more productive and competitive economy.
OpenGov Asia reported that the Home and Community department and the housing ministry are on the approach of implementing zero-trust security in the government of New Zealand. After COVID-19 transformed the risk profile of the company, it rapidly introduced laptops and remote access for its employees and led the Home and Community department as a member of the Government Information Security Forum. Zero trust does not replace perimeter safety but works on the presumption that an infringement has taken place. Under the model, system access requests are treated as if they came from an open network on a “never trust, always verify” basis.
Sophisticated intelligence and analytics are then deployed to detect and respond to anomalies in real-time. The Data Protection Officer, the Information Manager, and the cyber security / IT security manager of the Home and Community department worked closely together to protect information that can be personally identified. In its 2022 financial year, the agency also had 21 projects under its programme, while the Home and Community Department reported to the Social Services Parliament and the community selection committee in June.
