MetService latest NZ organisation to be hit by targeted cyber attack, TSB experiences tech issues

MetService is the latest organisation to be hit by the same cyber attack that crashed the NZX website for five days.

The weather forecaster was hit by a DDoS (distributed denial of service) attack today, but a spokesman said it was dealt with "in a timely manner".

"As of 5pm today, there has been no notable loss of performance to any MetService digital platforms," he said.

"MetService also operate a back-up site, this site contains all safety critical information, and includes authorised MetService severe weather watches and warnings, MetService rain radar imagery and brief forecast information."

The Metservice team remained "on the highest alert of any threat" and the forecaster's service provider had extra resources to manage the situation should it escalate, he said.

Meanwhile the Government Communications Security Bureau was working to get on top of the cyber attacks disrupting the NZX website.

The website was downed for five trading days in a row following targeted DDoS attacks from Tuesday last week.

GCSB Minister Andrew Little today told Newstalk ZB's Mike Hosking the stock market has been getting advice from the GCSB since the attacks started.

He said the NZX received an email message before the stock market was hit and work was under way to track the message's origin.

"The NZX got a message, an email before they got bombarded, so there's work going on tracking back where that might have come from," said Little, adding banks and a media outlet were also impacted by DDoS attacks on their systems.

Little said the GCSB was in a position of managing the continued attacks, rating it as 7/10 in terms of progress.

"The NZX contacted the National Cyber Security Centre which is part of the GCSB. They didn't want help originally but as it wore on last week they got help."

By Friday the GCSB stood up a serious group to deal with the ongoing attacks on the stock market.

Little said it appeared to be criminally motivated rather than a state-led attack.

"The nature of this tends to be criminal activity rather than state backed. You can't rule it out but it's more likely than not to be criminal activity."

Last Friday, the Stock Exchange suffered its fourth day of offshore cyber attacks, overwhelming the NZX website.

Share trading was temporarily put on hold, because investors could not see up-to-date company announcements, leading to an uninformed market.

The ZDNet technology website said the cyber attacks had occurred around the world over the past two weeks, but the NZX was among the hardest hit.

Despite this continued attack on its website, the NZX continued to trade all day uninterrupted.

TSB bank also responded to an incident causing disruption to some of its services this afternoon.

CEO Donna Cooper said the bank had informed the appropriate authorities and would continue to work closely with them on this.

Cooper declined to comment on whether the incident may have been related to a cyber attack.

TSB Bank's online services went down this afternoon, but the bank would not say if it was a cyber attack or not. Photo / Warren Buckland

"TSB customers can be assured we have a plan in place which we are implementing and we are working closely with local and international suppliers," she said.

"Thank you to our customers for their patience if they experience service outages, they can be reassured that TSB remains sound during this disruption to our service. We're sorry for any inconvenience this has caused."

By 4.30pm Tuesday the majority of the bank's services were back up and running, but customers were warned they may experience some intermittent outages until work was completed.

Kiwibank's internet banking and mobile app were loading slowly for a few hours this afternoon, but a spokesperson said it was an internal issue.

On social media, the bank said it was due to a network issues, and staff were aware of an issue with its mobile app and internet banking not working.

A spokesperson said the issue was not linked to recent cyber attacks in New Zealand, which also affected the global payments company, PayPal, and money transfer companies Braintree and Worldpay.

Media organisations RNZ and Stuff reported yesterday being subject to failed attacks.