Back to Insights

New Zealand’s Stock Exchange Hit By Cyber Attack Two Days In A Row

Cyber security 10/10/2020 - 10:22 by Swami Nathan

New Zealand’s stock exchange was knocked down for two days in a row because of a cyber-attack. As reported, the NZX exchange went offline at 11.24 am local time on Wednesday, August 26, causing some trading to be halted even though connectivity was partially restored. The NZX acknowledged that it had experienced “network connectivity issues”, resulting in the temporary holding of the NZX mainboard, the NZX debt market and the Fonterra shareholder market. Subsequently, those areas were permitted to resume trading at 3.00 pm.

New Zealand Stock Exchange DDoS attack highlights security problems

This incident happened on Tuesday, August 25, a distributed denial of service (DDoS) attack on the stock exchange, which forced it to suspend trading at 3.57 pm. In a statement released on August 26 referring to this attack, the NZX indicated foreign hackers were to blame: NZX encountered an offshore volumetric DDoS attack yesterday afternoon via its network service provider, which impacted connectivity to NZX network. The affected systems included both NZX websites and the Markets Announcement Portal.

The Fonterra Co-operative Group is the largest milk exporter in the world, processing more than 2 billion litres of milk a day. In 2018, foreign investors owned 40 per cent of the shares in the company.

Institutional dealers were forced to trade during the shutdown by dealing directly with each other. During the lifetime of the cyber-attack, this mode of communication allowed them to position “negotiated trades”. However, the public market was halted so as not to place the traders at a disadvantage.

Cause of DDoS cyber-attack in New Zealand

Government agencies in New Zealand said the cyber-attack originated from offshore sources. But the government has not been able to determine the exact cause of the cyber-attack. The government said it was difficult to determine the source because of the traffic originating “via the global gateway”.

The government, too, has yet to set the motive for the attack. CertNZ, a cyber-security company in New Zealand, had given alerts about emails sent to financial institutions, threatening to shut down the NZX unless they paid a ransom. The emails have been suspected to come from Russian danger actor Fancy Bear.

The group had made small bursts of attacks to intimidate the firms into compliance. The timing of the incident is especially worrying, given that it happened to investors during the busy earning season.

The conditions surrounding the attack indicate that the same party was living up to its pledge and causing money to be lost to the traders. A new age of large-scale attacks designed to compel corporations to pay a ransom for their collective goods might mark this new type of extortion.

By flooding it with internet traffic, DDoS attacks are intended to interrupt a network, thereby crippling its capacity to handle legitimate requests.

The New Zealand central bank warned that up to 3 per cent of banking and insurance income could be eliminated by cyberattacks. Cybercriminals rarely target the country, with a small population of about 5 million. Over the years, however, it’s a far bigger neighbour, Australia, has seen increased cyber-attacks.

New Zealand Government’s reaction on cyber-attack

Wellington has engaged the Government Communications Security Bureau (GCSB), which is responsible for both intelligence collection and protection of the vital cyberinfrastructure of the country, to ward off cyber-attacks.

Grant Robertson, the country’s finance minister, said that the officials in the government take this very seriously without revealing the terms of particular information. The government has also refused to clarify the impact of the cyber-attack on the stock market system and data.

“Given that this is an ongoing response, NZX cannot include information on the nature of the attacks or counter-measures”, Mark Paterson, CEO of the stock exchange market, said. He added that the incident was not an “issue of data or communication integrity”.

How to prevent from a DDoS Attack?

Automation technology can partially help avoid cyber-attacks, but to protect the website to the fullest degree, it also requires human intelligence and monitoring. Traditional web-buildings are not enough. The best safety is provided by multi-layered cloud security built and controlled by highly skilled and dedicated engineers. Understanding how DDoS attacks operate and becoming acquainted with your network’s actions are critical steps in avoiding cyber-attack intrusions, interruptions, and shutdowns. To help avoid a DDoS attack, here are some other tips:

  1. Implement technology which enables you to visually monitor your network. On average, know the amount of bandwidth your site uses. DDoS attacks provide visual hints, and if you are deeply acquainted with the usual actions of your network, you will be able to spot these attacks more quickly.
  2. Make sure your server capacity is capable of managing high traffic spikes and has the requisite mitigation tools to fix security issues. Add extra bandwidth.
  3. Update the firewalls and network security applications and patch them.
  4. Understand how the cybersecurity framework operates, and if a DDoS occurs, set up protocols specifying measures to take. Practice executing it.
  5. Don't hesitate to call a pro. If an attack takes place, DNS providers and businesses such as Teceze will help you secure your web property by redirecting visitors as required, tracking output for you, and spreading traffic through a variety of servers.

New Zealand’s stock exchange was knocked down for two days in a row because of a cyber-attack. As reported, the NZX exchange went offline at 11.24 am local time on Wednesday, August 26, causing some trading to be halted even though connectivity was partially restored.