ake78 (3D & photo) - Fotolia

DDoS downs New Zealand stock exchange for third day

Distributed denial of service attack from overseas has left stock exchange offline for days

New Zealand’s stock exchange has been offline for days after a distributed denial of service (DDoS) attack affected its network connectivity.

On the afternoon of Tuesday 25 August, the stock exchange said it had been hit by a volumetric DDoS attack from offshore via its network service provider, which had impacted network connectivity.

New Zealand’s Exchange (NZX), which operates the market, said in a statement that systems including websites and the markets announcement platform had been hit. At the time, it said the attack was mitigated and connectivity was restored.

NZX expected the market to open the following day, Wednesday 26 August, but it decided to halt trading again after a further disruption.

The organisation is working with cyber security experts and hopes to get back to normal trading on Friday 28 August.

“This decision not to reopen has been made while we focus on addressing the situation,” it said. “We continue to address the threat and work with cyber security experts, and we are doing everything we can to resume normal trading tomorrow (28 August).”

Stock exchanges are important to a functioning economy, and even a short outage can cause economic havoc. Stock exchanges have invested heavily in trading systems that can complete trades from start to finish in microseconds and build infrastructures to minimise downtime.

Cath Goulding, CISO at .uk domain registry Nominet, said the New Zealand attack was very serious and “shows just how much havoc hackers can cause on a national scale, even with attack techniques that are relatively well known”.

Read more about mitigating DDoS attacks

  • Automation can significantly improve response times during a distributed denial of service attack, reducing the potential damage to targeted organisations.
  • Network layer and application layer DDoS attacks are significant threats. Learn about the differences between them and what you can do to reduce their effects.
  • Although most scrubbing services can help fend off distributed denial of service attacks, a more comprehensive mitigation strategy is required to remain unscathed.

“There are suggestions that nation-state hackers are behind this attack,” she added. “Whether they are or not, it demonstrates how cyber crime can hit right at the heart of a country’s operations. While a stock exchange might not be what we traditionally consider to be critical national infrastructure, it is critical to the economy. Any downtime at all is putting millions of dollars at stake and in this instance it was brought offline two days in a row.

“Above all, this raises the issue to countries and governments around the world that critical financial services need to be treated as an extension of government security. They should be given the utmost help and support from security agencies to protect them and help mitigate damage to the economy.”

Although DDoS is, arguably, one of the cruder methods of launching a cyber attack, some of the most damaging cyber incidents of recent years have been caused by DDoS, most famously the Mirai internet of things botnet attack, which took multiple websites offline by targeting DNS services provider Dyn.

Read more on Hackers and cybercrime prevention