A New Zealand financial institution’s systems were attacked three weeks ago by hackers within minutes of going online.
The organisation handled 28 attacks on day one and 40 on the second day but says the system was not breached and no damage was caused.
The company wouldn’t be named but Unisys, whose recently-developed anti-hacking software is used by the organisation, says the hackers could be tracked right down to their phone numbers, email addresses and ISPs.
Unisys says it has tracked hacking attacks for customers that resulted in it sending out warning letters to hackers in Wellington and China and alerting their ISPs.
Unisys head of security Darren Burnnand says his company developed an “internet financial transaction engine” for the institution as it was put on the web.
The several-month project included spending a six-figure sum on security, which features Nokia firewalls, Check Point software and intrusion detection products from ISS.
Unisys NZ has also developed and manages from Wellington a “correlation engine” which looks for hacking trends and the persistency and complexity of attempts.
Finance companies are “fair game” to hackers, says Burnnand, but attackers can be traced.
“Our system brings up a picture of the globe and we can track it down to an individual. In just about every case, we can track it to an email address, ISP or phone number.
“It does a full route check right back to the user. It routes using the Unisys network, right through the ISP so we can see everything through the chain and we can pick off the information we need off the logs,” he says.
Burnnand says the attacks at the financial institution were mainly port scans, with a few technically complex attempts from “script kiddies”.
Port scans are left alone, but those making complex attacks will be traced and contacted.
“We are in the process of dealing with a couple of IP addresses from overseas.”
Burnand says someone who hacked “a large, well-known corporation in Asia” and used it as a launch pad for attacks was embarrassed to be traced.
Unisys’s software also traced a person in Wellington who was hacking from his place of work. “We let the client take care of that.
“I think they had a word with the person in the IT department,” he says.