Summary
- New Zealand’s national stock exchange faces cyber-attack four days in a row.
- The NZ government have asked the Government Communications Security Bureau along with the national agency to step in.
- The failure to stop these continues four days attacks have now raised questions on New Zealand’s security systems.
On Friday, August 28, the New Zealand’s Exchange (NZX) again became a target of a sophisticated cyber-attack. The exchange was knocked offline by an offshore DDoS attack. Initially, the session resumed but later halted because of the attacks. NZX suffered a series of cyberattacks in four consecutive days, as the share market website went down in a very common type of cyber-crime Distributed Denial of Service (DDoS) attack. The New Zealand government said national security system is activated to support the bourse.
As of now, there is no clear idea on who is behind these offshore attacks. NZX Ltd trading session came to a halt in the afternoon on Friday, making it a four day in a row.
Identifying the serious problems NZX facing, the NZ government stepped in. The Finance Minister Grant Robertson said that the Government Communications Security Bureau along with the national agency is helping the exchange operator to fight the cybercrime. Robertson, during the media briefing in Wellington, said that he could not share all the specific details, but the government is treating this very seriously.
The Government Communications Security Bureau (GCSB) is a security and intelligence bureau. The National Cyber Security Centre a part of it. The bureau provides help and advice in cybersecurity matters.
NZX website is down
On 25 August, Tuesday, the exchange halted stock trading at about 4 pm. Wednesday, the trading session on S&P/NZX was cut short by an hour. It opened in the morning as usual and traded about an hour before NZX halted the session in its cash markets at approximately 11.24 am. The NZX Main Board, NZX Debt Market and Fonterra Shareholders resumed trading at 3 pm. The exchanged stopped trading in debt and equity markets for the most of the day on Thursday and derivatives market was also closed by 4 pm.
What initially was being considered as a network connectivity issue is now being considered as a cyber-attack. On Wednesday, NZX and the network service provider Spark released a joint statement in which NZX confirmed reports of a second DDoS attack similar to the Tuesday’s. The company said that the attack was generated from offshore and NZX is working with its network provider to address the issue which impacted the NZX system connectivity.
The failure to stop these continues four days attacks have now raised questions on New Zealand’s security systems.
Also read: How S&P/NZX50 Performed on August 26, 2020?
What happens during Distributed Denial of Service (DDoS) attack?
DDoS attacks are frequent cyberattacks which are to disturb the regular traffic of the server with malicious intent. During such attacks along with the targeted server, the services are also targeted, creating an overwhelming flood of internet traffic. The website and the servers crash as they cannot cope up with the scale of data flow, disturbing the usual business.
Also read: Cybersecurity and the Requirement of a Resilient Environment in Australia
NZX victim of prevalent cybercrime:
Recently NZX reported a lift in its earnings, reflecting strong foundations and steady support for Kiwi companies. With this cheerful announcement for the market, the series of cyberattacks are seen as a lack of cybersecurity measures for NZX.
Many media outlets have reported that the NZX is continuing to investigate the origin of the attack, but it was released from offshore through its network service provider. Spark confirmed to Reuters that they know the attacks are coming from global gateway, but it is near impossible to track down such attacks to know for sure where it's coming from.
Cybercrime scenario has changed worldwide, and the attacks are getting more organised. The DDoS attack is one of the common cyber crimes which can result in online ransoms. Clearly, the NZX has not been hacked, but instead, the attackers showed their sophistication and determination towards the act.
On Wednesday, the systems were down including NZX website and its Market Announcement Platforms such as its ticker board rapidly and brightly blinking.
Cybersecurity need of an hour?
Back to back four days, the hackers attacked the NZX server and brought down the entire system. The hackers successfully used the DDoS attack, which is one of the most potent weapons on the internet. Generally seen in such attacks, the attacks bombard the servers with traffic which may consist of incoming messages, requests for connections. In NZX attack, the attackers flooded the NZX website with invitations to connect by harnessing a few computers. The computers used in this attack might as well be of some innocent malware attack victims. This overloaded the exchange operator’s servers and crashed the site.
The DDoS attacks can be purchased on black markets online and hack innocent computers to felicitate such attacks on more prominent victims. The computer users may not even know that their device is being used to demonstrate such level of crime.
This could also result in more aggressive and damaging attacks with an extortion threat unless the targeted company pays the attackers in cryptocurrency.
The self-proclaimed group of cybercriminal ‘Armada Collective’ has repeatedly attacked the financial industry demanding ransom in the form of bitcoin. They hosted a series of Nefarious attacks since 2015, such as DDoS attacks and ransomware campaigns. The purpose behind these attacks are not only financial but also political or ideological. Some hacks also attack for experiment or entertainment.
A few months back, Australia faced a series of sophisticated cyber attacks. After which the Australian government chalked down a plan to strengthen its cybersecurity strategy. The government will invest AU$1.66 billion overall cybersecurity, including in technology and workforce skills on priority. New Zealand is a small country with a population of just five million. The state does not see such type of attacks so often. Hence these attacks are being considered on top priority by the government and the industry.
Also read: Cyber Espionage Campaign: Strings that tie China, Australia and the US