Menu
Reserve Bank bolts the door after cyber-attack with new file transfer application

Reserve Bank bolts the door after cyber-attack with new file transfer application

Upgrade comes in wake of a major data breach at New Zealand's central bank

Adrian Orr (Reserve Bank of New Zealand)

Adrian Orr (Reserve Bank of New Zealand)

Credit: Supplied

The Reserve Bank of New Zealand – Te Pūtea Matua is replacing the file transfer application breached in a "malicious" cyber attack over the Christmas period.

A new secure file transfer system was expected to be in place next month, Reserve Bank governor Adrian Orr said today. The old system had already been shut down.

The breach targeted a legacy file sharing application from US company Accellion, which has been trying to get its remaining users to upgrade to the latest, cloud-based version, called Kiteworks.

Reseller News revealed the software involved after it was referenced in an internal consultation report last May. However, for reasons still unknown the bank appeared to have incorrectly specified it was using the new version of the software.

Earlier, Orr had said there are serious questions that have been answered by the team at the bank and there were "more for the supplier of the system that was breached".

The bank did not say today whether it was upgrading with Accellion to Kiteworks or implementing a product from another vendor.

The bank said it expected to receive a review of the incident by KPMG by the end of March after releasing the terms of reference today.

"We will continue to be as transparent as possible, being mindful of privacy and issues of commercial sensitivity, as well as the ongoing criminal investigation,” Orr said.

Orr said the review was in addition to the forensic and criminal investigations still under way with a focus on improving systems and work practices.

The scope of the review specifically excluded detailed assessment of the vendor control environment and software development processes and procedures.

It also excluded any comprehensive business wide review of information management practices, as the bank was scheduling this for later in the year.

“The recent attack on the externally facing system used by the bank revealed some service provision shortcomings and lessons for us on how we protect and manage the information we need to do our job," he said.

“We’ve asked KPMG to take a wider view of how the bank manages information and what improvements we can make.

“Just after the breach, I apologised for falling short of the standards expected by our stakeholders, and the standards we set for ourselves. This KPMG review is just one of the ways we are working to put that right."

Orr said the bank was being well supported in its response by domestic and international cyber security experts and relevant authorities and counterparts.

“We continue to work closely with the organisations whose files were illegally downloaded and I would like to reiterate my thanks for their continued support and cooperation,” Orr said.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags hackingcybercrimeAccellionReserve Bank of New ZealandcybersecurityRBNZ

Featured

Slideshows

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

The leading female front runners of the New Zealand ICT industry joined together for the annual Reseller News Women in ICT Awards event at the Hilton in Auckland, during which hundreds of guests celebrated 13 outstanding individuals who won awards, chosen from more than 50 finalists representing over 30 organisations.

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards
Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

More than 500 channel leaders gathered in Auckland on 21 October at the ​Reseller News Innovation Awards ​2020 to celebrate the achievements of the New Zealand technology industry's top partners, start-ups, vendors, distributors and individuals.

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners
Show Comments