How any business could be susceptible to denial-of-service attack

The headline “company disrupted by DDoS attack” has become more common in the past few months in New Zealand. ANZ, Kiwibank, Metservice, NZ Post and others as well as several internet service providers have been targeted. So, what does it mean?


First things first, let’s talk about the overall framework for cyber defence in New Zealand.

The NZ Government set up the Computer Emergency Response Team (CERT) in 2016, joining an international network of organisations.

CERT NZ is a key component of New Zealand’s Cyber Security Strategy, contributing to the delivery of the Strategy’s vision of a confident and secure digital New Zealand.

What is denial of service attack?

The intent is to make a network or website or other computer service unavailable to its intended users, by overwhelming its ability to process the requests. A DDoS is when those requests come from distributed sources – or lots of different places.

Here’s how CERT NZ describes a DDoS.

What it looks like in reality is that a website can’t load, loads slowly, or a payment can’t go through, or people’s internet being down. If it seems like DDoS attacks have had a bit of a renaissance, that may be true. With so many working from home for the past 18 months, people are extremely reliant on digital tools.

All businesses are becoming increasingly vulnerable to cyber-attack

Many businesses may think their business is too small to attract cyber criminals. However, when it comes to cyber theft, size doesn’t matter. Cyber hackers are on the lookout for businesses of any size with valuable customer data they can steal and sell on the black market.

Late last year, the National Cyber Security Centre said that a range of New Zealand organisations had been affected by DoS events.

As a result, network security and data protection has become increasingly important with many creating a cyber risk policy as a result.

What is cyber protection insurance?

Cyber Protection Insurance is a relatively new form of cover, and while it cannot prevent a security breach, it can assist in the event of an attack.

A Cyber Protection Insurance policy should be an important part of your risk management plan and is designed to help protect your business from the financial impact of computer hacking or a data breach.

How can we help?

At Wayne Grayson & Associates, we believe an informed insurance decision is the right one.

If your business has a website or electronic records, you are vulnerable to cyber hackers. In fact, it’s possible that your business will suffer a DDoS attack at some stage.

Depending on your Cyber Protection Insurance policy, you may be able to make a claim for losses caused by the interruption to your business, the costs of recovering your data and upgrading your software, and ongoing crisis management expenses due to a cyber-attack.

Contact one of our Auckland-based insurance brokers for advice on the best solution to suit you or your organisation.

Back to Blog