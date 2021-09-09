ANZ customers have faced further problems accessing internet banking on Thursday, amid signs a denial-of-service attack on the bank has resumed.

More than 650 customers reported problems accessing the bank online during a 15-minute period around 9.30am when the issues appeared to reach a second peak.

On Wednesday morning the number of complaints recorded by website monitoring service Down Detector peaked at more than 1000 in a 15-minute period.

A wider range of organisations including Kiwibank and NZ Post appeared to be affected by the attacks on Wednesday.

A spokesman for cyber security agency Cert NZ said it was “aware that disruptions to some online services are continuing today”.

“We can reassure people that we are working very hard with those affected and our sector partners to understand and monitor the situation and support recovery efforts. No further organisations have reported attacks to us today,” he said.

DDoS (distributed denial of service) attacks involve cyber-criminals overloading and crashing an organisation’s online services by bombarding their internet-facing systems with vast amounts of traffic.

Because they do not involve hacking into an organisation’s computer systems, there is no risk of bank customers losing money or having information stolen through this sort of attack.

Combatting DDoS attacks can often be a game of cat and mouse, as victims seek to block the deluge of traffic aimed at their computer servers, and attackers change their tactics.

Tom Pullar-Strecker/Stuff The site greeting some ANZ customers when they tried to access internet banking on Thursday.

Customers contacted Stuff on Thursday morning, worried they still could not access their ANZ accounts.

“I was able to access my banking at 7am,” one wrote.

“Attempted to log on again at 7.45am to be told there was an unexpected error when trying to log in and kicked off the app. For the second day in a row.”

Getty Images Customers were told to try again later if they were having problems.

Another said they had no luck logging-on either on their phone or computer during the early afternoon.

Spokesman Stefan Herrick was aware of some problems.

“Some customers are experiencing issues accessing internet banking and ANZ goMoney,” he said.

“If customers are having trouble getting through we’d ask them to try again later. Our support teams are continuing to work hard to improve access. We apologise for any inconvenience this has caused and thank customers for their patience.”

Digital Economy Minister David Clark said on Wednesday that he had been told by cyber-security agency Cert NZ that a number of organisations had experienced disruption to their online services.

“Efforts to ascertain the impact of this incident are ongoing. I won’t get ahead of this process,” he said on Wednesday afternoon.

What are DDoS attacks?

Often simply described as denial-of-service attacks, DDoS attacks are carried out by cyber-criminals who hire or hijack large numbers of malware-infected computers.

They use these to bombard an organisation’s online services with huge amounts of traffic, such as requests to connect, overloading them so they can’t deal with genuine requests and they appear to be offline.

Large organisations generally defend against DDoS attacks by using technology tools to identify and shut off the sources of the spurious traffic bombarding their services, which can originate from networks of malware-infected computers that could be anywhere in the world.

Attackers often route their rogue traffic through poorly-configured web servers owned by legitimate organisations, to disguise the true source of their attacks.

Sometimes attacks stop, only to be re-routed or restart from a different source, which can make the task of shutting down denial-of-service attacks a game of ‘cat and mouse’.

Commonly, attackers demand ransoms to stop their attacks, though it is believed these are rarely paid.

Past DDoS attacks

DDoS attacks have been around for decades.

Both attackers and defenders have got better at their games.

But the growing availability of fibre-to-the-home means the compromised computers that are usually used to conduct attacks can pack more of a punch because they can send out more rogue traffic.

September 2020, 2021: A customer of New Zealand’s third largest internet provider, Vocus, experienced a denial-of-service attack. Vocus’ attempts to help it defend the attack went wrong, resulting in outage for its internet brands, Slingshot, Orcon and Stuff Fibre and wholesale customer Sky Broadband.

September 2020: The NZX experienced a series of large-scale DDoS attacks that took its website offline. Because the NZX’s website is used to distribute price-sensitive market announcements, the NZX took the decision to also suspend share trading during the initial attacks, before a policy change.

2012: Activists associated with hacking group Anonymous vented their outrage at Kim Dotcom's arrest in New Zealand by temporarily blocked access to the websites of the US' FBI, Justice Department and recording label Universal Music Group.

Many DDoS attacks in the past used to be associated with such civil disobedience, though now the motive is usually blackmail and profit.

2007: The entire country of Estonia was largely knocked offline during a period of high tensions with neighbouring Russia.