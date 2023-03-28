The attack caused what some said was "retail chaos". Photo / 123rf

The bad news: a sweeping Eftpos outage last month was caused by a cyberattack, online payment systems provider Windcave tells the Herald.

The outage hit The Warehouse, Countdown and Briscoes stores, among others, causing what some described as retail “chaos”.

The good: it was a type of attack that does not put data at risk - even if it can be used to extort money from a service provider to make it stop, and restore access for customers.

Specifically, it was a distributed denial of service (DDoS) attack - where hackers block access to a site by flooding it with connection requests from bots.

“The February 5 outage was caused by a large-scale bot DDoS attack, lasting over several days, with some customer access impacted for a shorter period,” Windcave chief information officer Mark Payne told the Herald.

“There was no hack, no data breach or loss of any data and there is no evidence pointing to a particular country for the attacker,” Payne said.

“Windcave remained operational throughout, but some customers, in certain regions, were unable to access the working systems because of high volume of traffic generated by the DDoS.”

No data is the risk with a DDoS attack, such as the one that forced our stock exchange offline in 2020. At various points, Kiwibank, ANZ, NZ Post, the Police and MetService have all had their sites rendered inaccessible by DDoS assaults.

Earlier, computer scientist Dave Parry told the Herald that hackers used to carry out DDoS attacks for kicks, to show off. Today, they’re more likely to be commercially motivated, demanding money to cease their attacks and allow customers to access a service again.

The motive can also be political. Last year, GCSB director-general Andrew Hampton warned that Putin-supporting hackers had threatened revenge attacks on targets in countries that supported Ukraine.

Parry said it was always difficult to pin down the origin of a cyberattack, but there several factors that made Russia a hotbed of hacker activity, including “a weaker legal framework, lots of very good mathematicians and large-scale organised crime”.

Cooperation with Western law enforcement was limited, even before the Ukraine invasion.