NZX Stock Market Knocked Offline
The Wellington-based NZX exchange first went offline on Wednesday 26th August and although some connectivity was restored for investors, some trading was halted. The incident follows a number of alleged cyber attacks by foreign actors on Australian government and commercial organisations which ate alleged to be attacks by Russian hackers.
The NZX has said it had experienced “network connectivity issues” and that the NZX main board, NZX debt market and Fonterra shareholders market were placed on halt.
The interruption followed a shutdown and trading halt due to an overseas-based distributed denial of service (DDoS) attack. The NZX says that it had “experienced a volumetric DDoS attack from offshore via its network service provider, which impacted NZX network connectivity”. It said the attack had affected NZX websites and the markets announcement platform, causing it to call a trading halt at 3.57pm on Wednesday 26th.
NZX said the attack had been “mitigated” and that normal market operations would shortly resume, but this subsequent attack has raised questions about security.
A DDoS attack aims to overload traffic to internet sites by infecting large numbers of computers with malware that bombards the targeted site with requests for access. Prof Dave Parry, of the computer science department at Auckland University of Technology, said it was a “very serious attack” on New Zealand’s critical infrastructure.
He warned that it showed a “rare” level of sophistication and determination, and also flagged security issues possibly caused by so many people working from home. “Unfortunately the skills and software to do this are widely available and the disruption of Covid and people working from home all over the world potentially with lower security on their computers means that these attacks are easier than usual.”
Parry said there are two options for NZX to deal with the DDoS: shutting down the “bots”
- Getting users to update security patches and delete the malware, Or
- Blocking the IP addresses of the bot machines with a firewall so that the NZX site doesn’t have to deal with them.
While it is not clear what the motives were behind these cyber-attacks, these attacks were probably financial motivated. A distributed denial-of-service attack is one of the most powerful weapons on the Internet as it overwhelms a site with more traffic than the server can accommodate. DDoS attacks are often used by financially-motivated cyber criminals.
@NZXGroup: RNZ: NZHerald: The Spinoff: Guardian:
You Might Also Read:
Russian Cyber Operations: State-led Organised Crime: