August 27, 2020

New Zealand Stock Exchange hit by second DDoS attack

By Ellen Daniel

The New Zealand Stock Exchange has been temporarily shut down for the second day in a row due to a cyberattack.

On Wednesday the New Zealand Stock Exchange said that it was experiencing “connectivity issues” due to “further disruption similar to yesterday’s related to a DDoS (distributed denial of service) attack”, and decided to halt trading in its cash markets at approximately 11.24am.

The NZX main board, NZX debt market and Fonterra shareholders market were placed on hold, but resumed trading at 3pm.

Trading was also halted on Tuesday just before 4pm due to an “attack from offshore via its network service provider”. The New Zealand Stock Exchange also said that the attack had been “mitigated and connectivity has now been restored”, but then experienced a second attack.

A DDoS attack is when a malicious actor floods a network with more traffic than it can deal with using bots, meaning it cannot operate and must be taken offline.

DDoS attack on New Zealand Stock Exchange highlights security concerns

Nick Turner, VP EMEA, Druva explained that this attack and others demonstrates the importance of remote working security.

“Today’s second attack on New Zealand’s stock exchange is yet another reminder that remote work security challenges need to be addressed as a priority. Local governments and cities need to act fast, or risk putting their constituents’ health, safety, lives and most sensitive data at risk,” he said.

“Unfortunately, there are nasty consequences for governments that lack the correct backup and recovery solution for their data. The only way we’re going to stop this is by supporting organisations in automating their data protection, compliance, security and backup. The only way to be safe – whilst operating 24/7 – is to build a cloud-based data protection hub to manage, protect and secure data.”

According to the BBC, security company CertNZ issued a warning last November that extortion emails were being sent to financial services companies in New Zealand claiming to be from Russian hacker group ‘Fancy Bear/Cozy Bear’. The emails warned that the attackers would carry out denial-of-service attacks if ransoms were not paid.

However, it is not yet known whether the attack on the New Zealand Stock Exchange is connected to the extortion emails.

Jake Moore, Cybersecurity Specialist at ESET said that while DDoS attacks can be avoided using the right security measures, they can “cause havoc”.

“As the world becomes increasingly connected, more defenses are required to protect against the bombardment of attempts to take down a site. DDoS attacks are common threats that can usually be avoided with the correct mitigation techniques. However, when a site experiences a massive influx of traffic that it is not prepared for, even huge organisations can be knocked off their feet relatively easily – and for long periods of time,” he explained.

“One common mistake organisations make is to underestimate the magnitude, force, and determination that threat actors possess. These gangs will continue to cause havoc by directing massive volumes of traffic to a website, either to send a message or test the site’s defenses in preparation for further attacks. Whatever their reason, it’s clear that we should never take this threat too lightly and need to start protecting now for even stronger DDoS bombs.”

This comes as DDoS attacks rose by 542% in Q1 of 2020 compared with the previous quarter.

In January, the UK government investigated whether a cyber attack was behind a “software glitch” that affected the London Stock Exchange.

Miles Tappin, vice president, EMEA at ThreatConnect explained that the incident affecting the New Zealand Stock Exchange demonstrates how the issue is becoming more serious.

“The threat to critical infrastructure continues to become more severe and sophisticated as the years go on, but the two day distributed denial of service (DDoS) attack on the New Zealand stock exchange proves just how serious the issue is becoming,” he said.

“While DDoS attacks typically last a couple of minutes to hours, we have started to see them stretching to days even weeks, which can have a significant and lasting impact on any business. New Zealand, and other states worldwide need to use this attack as a stark reminder of the importance of protecting their national critical infrastructure. It is paramount that organisations with any strategically useful information prepare themselves to deal with highly sophisticated attacks.”


Read more: DDoS attacks rose by 542% in Q1 of 2020.


 

Verdict deals analysis methodology

This analysis considers only announced and completed deals from the GlobalData financial deals database and excludes all terminated and rumoured deals. Country and industry are defined according to the headquarters and dominant industry of the target firm. The term ‘acquisition’ refers to both completed deals and those in the bidding stage.

GlobalData tracks real-time data concerning all merger and acquisition, private equity/venture capital and asset transaction activity around the world from thousands of company websites and other reliable sources.

More in-depth reports and analysis on all reported deals are available for subscribers to GlobalData’s deals database.

Topics in this article: