Kiwi companies may be at risk after cyber attack on internet safety company

An international internet safety company says it's been attacked, potentially putting New Zealand customers at risk.

SonicWall is an American-based firm selling products to keep organisations safe from cyber threats.

The company recently found a cyber attack was affecting some products that businesses use to get offsite access to work systems.

New Zealand's computer emergency response team, or CERT, sent out an advisory yesterday urging organisations using businesses to take measures to prevent the attacks.

In a statement, CERT's principal advisor on threats and vulnerabilities, Michael Shearer, said the best course of action was for businesses using SonicWall to contact their IT team or provider.

It said the products were typically used by small-to-medium-sized businesses.

Last night Shearer said CERT was not aware of New Zealand organisations that were impacted.

"But [CERT] has released an advisory as a proactive measure to make sure businesses who may be running these products are aware, and can protect themselves."

AUT computer science professor Dave Parry told RNZ a two-step verification was one way to minimise the attacks.

"Two-factor authentication is something like you might put in a password and then you get a text on your phone or something like that and you have to put in that code as well."

Parry said these kinds of attacks were increasing.

"I suspect like a lot of these things they're a fashion. So once a group hears about doing this sort of thing, then other people start to copy it.

"The other thing is absolutely with COVID, the number of people working remotely has increased so much that these are now much more common devices and they're much more commonly used and much more routine so it's worth attacking them more."