Cyber attacks and Landonline users

Cyber attacks are becoming more common. Businesses that use Landonline should protect themselves from attack, take steps to ensure business continuity, and let us know about any incident.

Protecting yourself and your business

You, your business and your staff can take steps to increase your cyber security:

  1. Educate yourself and your staff about cyber attacks and password security.
  2. Implement an air-gapped or offline backup process, and have your IT provider ensure the backups are suitable for a full restore.
  3. Implement multi-factor authentication on all applications and remote access to your system.
  4. Ensure your system and software (including your antivirus software and operating system) are up to date, and all software updates and patches are installed.
  5. Have a clear process to follow if you or your staff think a cyber attack has occurred.

It is important to ensure business continuity, such as making sure your business can complete urgent transactions if you are the target of a cyber attack. You may want to have a trusted external Landonline user with certify and sign rights, such as your Power of Attorney, associated with your account in advance. There is no charge for this – simply apply for multiple account association for your nominated people.

Multiple account association for Landonline users

Types of cyber attack

Cyber attacks are on the rise and over the past year we have noted more attacks on businesses we routinely deal with, including law firms. Cyber attacks put your data, customers and reputation at risk. They can happen to any size or type of business, and can target anyone working online, both in an office or home environment.

Two common types of attack we have seen recently are ransomware and malware attacks.

Malware is software designed to damage a computer system or access your data. Malware attacks often happen after a staff member unknowingly clicks on a malicious link in an email.

Ransomware is software that denies a user access to their files or computer system unless they pay a ransom. The first sign of a ransomware attack is often a message appearing on your screen saying that you need to pay a ransom to regain access to your system.

Cyber attacks can cause huge disruptions to your business including loss of income and productivity, but there are steps you can take to reduce the risk of falling victim.

What to do if you suspect you have been attacked

Take immediate action – even if you aren’t sure what has happened, it’s better to be safe than sorry.

If you suspect you are the victim of a cyber attack you should get the affected device offline immediately. The faster you do this, the more you can contain the spread of the malicious software. Take the network cable out of your workstation and unplug your internet/wireless router. Repeat this for any other devices connected to the same network.

You need to notify Toitū Te Whenua of the incident so we can take measures to ensure your Landonline access remains secure.

CERT NZ strongly recommends that victims of a ransomware or malware attack don’t pay a ransom. There is no guarantee that you’ll get your data back and it could put you at risk of future attacks.


You should also log an incident with CERT NZ either by calling them on 0800 CERT NZ, or through their website.

Reporting form for businesses and individuals – CERT NZ

Your in-house IT resource or a reputable computer services company will then need to get you back online safely:

  • Restore the system from the most recent backup, or restore the computer to its factory settings and reinstall your operating system.
  • Run full updates and security patching on all devices on your network before reconnecting to the internet.
  • Check for any residual ransomware or malware on the computer. To see if the ransomware or malware that you were attacked with is still running an expert will need to look for indicators of compromise.
  • Identify and install additional security protection measures if necessary. This may include improving the network border security (for example, by implementing an enterprise level router or firewall), introducing an air-gapped or offline backup, or adding to your vulnerability and antivirus/anti-malware protection.