NZX claims ‘offshore’ actor was behind cyber-attack
A New Zealand stock exchange has been hit by a series of distributed denial-of-service (DDoS) attacks, knocking services offline for two days in a row.
New Zealand’s Exchange – also known as NZX – said it was hit with a DDoS attack on Tuesday, which it claims came from overseas.
In a joint statement with network provider Spark, NZX said it “experienced a volumetric attack from offshore, which impacted NZX system connectivity”.
Impacted systems included NZX websites and the Markets Announcement Platform.
NZX halted trading in its cash markets at 15:57 local time. Normal service resumed within an hour, Spark added, although neither party confirmed what impact the disruption caused.
DDoS for days
Yesterday’s incident was not self-contained, as another attack targeted the exchange this morning (Wednesday, August 26).
The network was interrupted at 11:24 local time, as trading in cash markets was once again frozen.
A statement from NZX reads: “This morning NZX experienced a further disruption similar to yesterday’s related to a DDoS… attack.
“The systems impacted included NZX websites and the Markets Announcement Platform.”
NZX added: “The NZX Main Board, NZX Debt Market and Fonterra Shareholders Market returned to normal trading at 3pm.”
Ilia Kolochenko, founder and CEO of web security company ImmuniWeb, said: “Unfortunately, not much can be done to prevent large-scale and well-prepared DDoS attacks today.
“During the pandemic, the average price of bots used for DDoS has fallen, and will probably become even more affordable. When millions of devices suddenly start a massive attack, it’s a question of network capacity – not really network security.”
He added: “Web applications and APIs should, however, be regularly audited for business logic and architectural security flaws that may consume all CPU/RAM and greatly facilitate a DDoS attack.”
The Daily Swig has reached out to NZX to clarify the impact of the attack and will update this article accordingly.